CNNVD-202509-3677 Information

Sep 23, 2025 cve

CNNVD ID

CNNVD-202509-3677

CVE-2024-6429

CNNVD Published: 2025-09-23

Description (Chinese)

WSO2 Identity Server（IS）是美国WSO2公司的一款身份认证服务器。 WSO2 Identity Server（IS）存在安全漏洞，该漏洞源于错误消息处理不当，可能导致恶意内容注入和社会工程攻击。

Description (English)

WO2 Infrastructure Server (IS) is an identification server for WSO2 in the United States. WO2 Infrastructure Server (IS) has a security loophole that stems from the mishandling of false information, which could lead to malicious infusion of content and social engineering attacks.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

WSO2

Published

2025-09-23

Last Modified

2026-02-24

References

https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-3490/

Patch

https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-3490/

Share on: