CNNVD-202510-2365 Information

CNNVD ID

CNNVD-202510-2365

Related CVE

CVE-2025-9955

• CNNVD Published: 2025-10-16

Description (Chinese)

WSO2 Enterprise Integrator是美国WSO2公司的一套开源的混合集成平台。该平台支持多个应用程序之间进行通信。 WSO2 Enterprise Integrator存在安全漏洞，该漏洞源于内部SOAP管理服务权限限制不足，可能导致低权限用户访问日志数据和用户存储配置详情。

Description (English)

WSO2 Enterprise Integrator is an open-source, hybrid integrated platform for WSO2 in the United States. The platform supports communication between multiple applications. WSO2 Enterprise Integrator has a security loophole, which stems from in-house SOAP management service limitations, which may lead to low-permissible users accessing log data and user storage configuration details.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

WSO2

Published

2025-10-16

Last Modified

2026-02-24

References

https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4526/

Patch

https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4526/