Vulnerability Details CVE-2024-8010

The component accepts XML input through the publisher without disabling external entity resolution. This allows malicious actors to submit a crafted XML payload that exploits the unescaped external entity references. By leveraging this vulnerability, a malicious actor can read confidential files from the product's file system or access limited HTTP resources reachable via HTTP GET requests to the vulnerable product.

Exploit prediction scoring system (EPSS) score
EPSS Score: 0.003
EPSS Ranking: 18.8%

CVSS Severity
CVSS v3 Score: 3.5

Products affected by CVE-2024-8010
  • Wso2 » Api Manager » Version: 3.2.0
    cpe:2.3:a:wso2:api_manager:3.2.0
  • Wso2 » Api Manager » Version: 3.2.0.226
    cpe:2.3:a:wso2:api_manager:3.2.0.226
  • Wso2 » Api Manager » Version: 3.2.0.278
    cpe:2.3:a:wso2:api_manager:3.2.0.278
  • Wso2 » Api Manager » Version: 3.2.0.368
    cpe:2.3:a:wso2:api_manager:3.2.0.368
  • Wso2 » Api Manager » Version: 3.2.0.384
    cpe:2.3:a:wso2:api_manager:3.2.0.384
  • Wso2 » Api Manager » Version: 3.2.1
    cpe:2.3:a:wso2:api_manager:3.2.1
  • Wso2 » Api Manager » Version: 3.2.1.16
    cpe:2.3:a:wso2:api_manager:3.2.1.16
  • Wso2 » Api Manager » Version: 4.0.0
    cpe:2.3:a:wso2:api_manager:4.0.0
  • Wso2 » Api Manager » Version: 4.0.0.168
    cpe:2.3:a:wso2:api_manager:4.0.0.168
  • Wso2 » Api Manager » Version: 4.0.0.217
    cpe:2.3:a:wso2:api_manager:4.0.0.217
  • Wso2 » Api Manager » Version: 4.0.0.280
    cpe:2.3:a:wso2:api_manager:4.0.0.280
  • Wso2 » Api Manager » Version: 4.0.0.293
    cpe:2.3:a:wso2:api_manager:4.0.0.293
  • Wso2 » Api Manager » Version: 4.0.0.305
    cpe:2.3:a:wso2:api_manager:4.0.0.305
  • Wso2 » Api Manager » Version: 4.0.0.310
    cpe:2.3:a:wso2:api_manager:4.0.0.310
  • Wso2 » Api Manager » Version: 4.1.0
    cpe:2.3:a:wso2:api_manager:4.1.0
  • Wso2 » Api Manager » Version: 4.1.0.136
    cpe:2.3:a:wso2:api_manager:4.1.0.136
  • Wso2 » Api Manager » Version: 4.1.0.152
    cpe:2.3:a:wso2:api_manager:4.1.0.152
  • Wso2 » Api Manager » Version: 4.1.0.166
    cpe:2.3:a:wso2:api_manager:4.1.0.166
  • Wso2 » Api Manager » Version: 4.2.0
    cpe:2.3:a:wso2:api_manager:4.2.0
  • Wso2 » Api Manager » Version: 4.2.0.100
    cpe:2.3:a:wso2:api_manager:4.2.0.100
  • Wso2 » Api Manager » Version: 4.2.0.108
    cpe:2.3:a:wso2:api_manager:4.2.0.108
  • Wso2 » Api Manager » Version: 4.2.0.80
    cpe:2.3:a:wso2:api_manager:4.2.0.80
  • Wso2 » Api Manager » Version: 4.3.0
    cpe:2.3:a:wso2:api_manager:4.3.0
  • Wso2 » Api Manager » Version: 4.3.0.16
    cpe:2.3:a:wso2:api_manager:4.3.0.16