CNNVD-202509-3692 Information

Sep 23, 2025 cve

CNNVD ID

CNNVD-202509-3692

CVE-2024-4598

CNNVD Published: 2025-09-23

Description (Chinese)

WSO2 Identity Server（IS）是美国WSO2公司的一款身份认证服务器。 WSO2 Identity Server（IS）存在安全漏洞，该漏洞源于enrich mediator实现不当，可能导致敏感业务信息泄露。

Description (English)

WO2 Infrastructure Server (IS) is an identification server for WSO2 in the United States. WO2 Health Server (IS) has a security loophole, which stems from the improper implementation of enrich media, which may lead to the disclosure of sensitive operational information.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

WSO2

Published

2025-09-23

Last Modified

2026-02-24

References

https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-3355/

Patch

https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2024-3355/

Share on: