S4E

CVE-2022-29464 Scanner

Detects the unrestricted file upload vulnerability CVE-2022-29464 in WSO2 API Manager, Identity Server, Identity Server Analytics, Identity Server as Key Manager and Enterprise Integrator. Affected versions: WSO2 API Manager 2.2.0 through 4.0.0; WSO2 Identity Server 5.2.0 through 5.11.0; WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0 and 5.6.0; WSO2 Identity Server as Key Manager 5.3.0 through 5.10.0; WSO2 Enterprise Integrator 6.2.0 through 6.6.0.

Short Info

Level: Critical
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 3 days
Scan only one: Domain, IPv4
Toolbox: -

WSO2 is an open-source integration platform whose products share the same Carbon core and the same management console. Among the WSO2 offerings are the API Manager, Identity Server, Identity Server Analytics, Identity Server as Key Manager, and Enterprise Integrator. The API Manager is used to design and publish APIs, manage their lifecycle and expose them to developers. The Identity Server provides centralized authentication and authorization (SSO, OAuth2/OpenID Connect, SAML), and Identity Server Analytics collects and reports on the login and session events the Identity Server generates. Identity Server as Key Manager is the Identity Server deployed as the Key Manager component of API Manager, issuing and validating the OAuth2 tokens used to call APIs. Lastly, the Enterprise Integrator provides a platform for building integrations between applications and services. Because these products share the Carbon core, a flaw in a core component such as the file upload servlet affects all of them.

CVE-2022-29464 allows an unauthenticated attacker to upload arbitrary files to the affected WSO2 products, which leads to remote code execution. The root cause is that the /fileupload endpoint of the Carbon management console (served on the management port, 9443 by default) takes the destination file name from the Content-Disposition header of the multipart request without validating it. A file name containing a directory traversal sequence such as ../ therefore escapes the intended upload directory and can place the file in a directory under the web root, where the application server will serve it and, for a JSP, execute it. Remediation is to apply the WSO2 security update for the affected product line; where that is not immediately possible, block access to the /fileupload endpoint and the rest of the management console from untrusted networks at the reverse proxy or firewall.
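The following Python is an added illustration of the mechanism described above, written for this page; it is not WSO2 code and does not reproduce the product's servlet. It uses a hypothetical directory layout (UPLOAD_DIR and WEB_ROOT are assumptions, not real WSO2 paths) and a constructed multipart body. It shows how a client-controlled file name reaches the server inside the Content-Disposition header, how a naive join onto the upload directory lets a ../ sequence land the file under the web root, and how a hardened handler strips the path and verifies containment before writing.

```python
import posixpath
import re

# Hypothetical layout (an assumption for this example, not WSO2's real paths):
# uploads are meant to land under UPLOAD_DIR; anything under WEB_ROOT is served
# by the application server, and a JSP placed there would be executed.
UPLOAD_DIR = "/opt/server/tmp/uploads"
WEB_ROOT = "/opt/server/webapps"

_FILENAME_RE = re.compile(r'filename="([^"]*)"')


def build_multipart(filename: str, content: bytes, boundary: str = "----probe") -> bytes:
    """Constructed multipart/form-data body. The file name travels in the part's
    Content-Disposition header, i.e. it is an attacker-chosen header value and
    nothing stops it from containing '../' segments."""
    head = (
        f"--{boundary}\r\n"
        f'Content-Disposition: form-data; name="file"; filename="{filename}"\r\n'
        "Content-Type: application/octet-stream\r\n\r\n"
    ).encode()
    return head + content + f"\r\n--{boundary}--\r\n".encode()


def filename_from_body(body: bytes) -> str:
    """Extract the file name from the part header the way a naive server would."""
    header = body.split(b"\r\n\r\n", 1)[0].decode()
    match = _FILENAME_RE.search(header)
    if not match:
        raise ValueError("no filename in Content-Disposition")
    return match.group(1)


def vulnerable_target_path(filename: str) -> str:
    """Vulnerable pattern: trust the client-supplied name and join it onto the
    upload directory. normpath collapses the '../' segments, so the file is
    written wherever the traversal points."""
    return posixpath.normpath(posixpath.join(UPLOAD_DIR, filename))


def is_safe_filename(filename: str) -> bool:
    """A name is acceptable only if it is a single path component with no
    traversal, separators or NUL bytes."""
    base = posixpath.basename(filename.replace("\\", "/"))
    return base not in ("", ".", "..") and "\x00" not in base and base == filename


def safe_target_path(filename: str) -> str:
    """Hardened pattern: keep only the last path component, reject anything that
    still looks like a path, and verify the resolved path stays inside UPLOAD_DIR."""
    base = posixpath.basename(filename.replace("\\", "/"))
    if base in ("", ".", "..") or "\x00" in base:
        raise ValueError(f"rejected filename: {filename!r}")
    target = posixpath.normpath(posixpath.join(UPLOAD_DIR, base))
    if posixpath.commonpath([UPLOAD_DIR, target]) != UPLOAD_DIR:
        raise ValueError(f"path escapes upload dir: {target}")
    return target


def lands_under_web_root(path: str) -> bool:
    """True if the resolved write location is somewhere the server would serve."""
    return posixpath.commonpath([WEB_ROOT, path]) == WEB_ROOT


if __name__ == "__main__":
    body = build_multipart("../../webapps/probe.jsp", b"probe")
    name = filename_from_body(body)
    print("client-supplied name:", name)
    print("vulnerable join writes to:", vulnerable_target_path(name),
          "(under web root:", lands_under_web_root(vulnerable_target_path(name)), ")")
    print("hardened handler writes to:", safe_target_path(name))
```

Run it to see the same request handled both ways: the vulnerable join resolves the name to a path under WEB_ROOT, while the hardened handler keeps only `probe.jsp` and writes it inside UPLOAD_DIR. In a real deployment the hardened handler should additionally restrict the allowed extensions and content types, since a correctly contained upload directory that is itself served by the application server would still be exploitable.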

When exploited, CVE-2022-29464 gives the attacker code execution on the target system with the privileges of the WSO2 server process, without any credentials. From there the attacker can read the configuration, keystores and tokens the server holds, pivot to the systems it integrates with, or disrupt the APIs and authentication flows that depend on it. The consequences for the victim organization can include regulatory fines, legal action and reputational damage.

Thanks to the pro features of the s4e.io platform, readers of this article can easily and quickly learn about vulnerabilities that may affect their digital assets. The platform provides a range of vulnerability scanning services that enable businesses to identify and mitigate security issues before they can be exploited. With its easy-to-use interface and comprehensive reporting, s4e.io is the go-to platform for businesses looking to secure their digital assets.
