CVE-2019-6515

CVE-2019-6515

by adidionxlm

Abstract Advisory Information

WSO2 API Manager is an open source approach that addresses full API lifecycle management, monetization, and policy enforcement.
Uploaded documents for API’s documentation on publisher part are available for unauthenticated user.

Authors: Julien Oury–Nogues

Version affected

Name: WSO2 API Manager
Versions: 2.6.0

Common Vulnerability Scoring System

4.3
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Patches

Unknown

References

None

Vulnerability Disclosure Timeline

  • 19/10/2018 – Vulnerability discovered
  • 22/10/2018 – Contact WSO2 security team
  • 29/10/2018 – Acknowledgement From WSO2 security team
  • 21/02/2019 – Public disclosure
Top