CVE-2024-7073 in Identity Server as Key Manager정보

요약

\~에 의해 MITRE • 2025. 06. 02.

A server-side request forgery (SSRF) vulnerability exists in multiple WSO2 products due to improper input validation in SOAP admin services. This flaw allows unauthenticated attackers to manipulate server-side requests, enabling access to internal and external resources available through the network or filesystem.

Exploitation of this vulnerability could lead to unauthorized access to sensitive data and systems, including resources within private networks, as long as they are reachable by the affected product.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

책임이 있는

WSO2

예약하다

2024. 07. 24.

공개

2025. 06. 02.

모더레이션

수락

항목

VDB-310860

CPE

준비됨

CWE

CWE-918 (확인됨)

CVSS

6.5 (CNA)

EPSS

0.00218

KEV

아니요

활동

매우 낮음

부문

Finance

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2024-7073
NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-7073
CVE Details	https://www.cvedetails.com/cve/CVE-2024-7073/

◂ 이전 개요 다음 ▸

Do you need the next level of professionalism?

Upgrade your account now!