Platform Features
By Need
By Industry
Partner Program
Our Partners
Key Alliances
Resource Center
Explore Noname Security
Certified for your security needs.
Platform Features
By Need
By Industry
Partner Program
Our Partners
Key Alliances
Resource Center
{ "term_id": 171, "name": "Dor Dankner", "slug": "dor-dankner", "term_group": 0, "term_taxonomy_id": 171, "taxonomy": "wpx-authors", "description": "", "parent": 0, "count": 4, "filter": "raw" }
Well known open-source technology provider, WSO2, recently reported a critical vulnerability that would allow for remote code execution by cybercriminals. Known as CVE-2022-29464, the vulnerability received a 9.8 CVSS score and has been added to CISA’s Known Exploited Vulnerabilities Catalog. According to the company’s security advisory, “due to improper validation of user input, a malicious actor could upload an arbitrary file to a user controlled location of the server. By leveraging the arbitrary file upload vulnerability, it is further possible to gain remote code execution on the server.”
The vulnerability has raised concerns from industry leaders as many of WSO2’s products are used by Fortune 500 companies. The advisory noted that WSO2’s API Manager, Identity Server, Enterprise Integrator, and Open Banking products were among those impacted by the threat. If exploited, hackers could gain access to sensitive data, cause a denial of service, and even gain full control over your APIs by using this vulnerability on your API Gateway. Ultimately compromising the integrity, reliability, and privacy of your APIs.
As noted in the security advisory, this vulnerability may affect the following products:
We recommend updating your systems to the latest version and checking your webApp directory for any suspicious or new JSP files. If you’re a Noname Security customer, our API Security Platform can detect changes or misconfigurations in your APIs that may have been caused by an attacker. We can identify anomalies in the APIs’ behavior based on historical traffic, the current security posture, and by having an understanding of your business logic.
Date Issued | April 26, 2022 |
Threat Name | CVE-2022-29464 |
Description | A recent vulnerability in the WSO2 platform allows unauthenticated attackers to upload arbitrary files, which could lead to code execution. An attacker can exploit this vulnerability to gain access to sensitive data, cause a denial of service, and even gain full control over your APIs by using this vulnerability on your API Gateway. This vulnerability can compromise the integrity, reliability, and privacy of your APIs. |
Product / Releases impacted | This vulnerability affects many WSO2 products including:
|
Noname Security Detection | Any abuse to the APIs based on this attack will be detected by the Noname Platform, which identifies anomalies in the APIs’ behavior based on historical traffic, the current security posture, and an understanding of the customer’s business logic. |
Recommendation | We recommend updating your systems to the latest version and checking your webApp directory for any suspicious or new JSP files. The Noname API Security Platform can detect changes or misconfigurations in your APIs that may have been caused by an attacker. |
Technical information |
|
Resources | CVE-2022-29464 https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2021-1738 https://github.com/hakivvi/CVE-2022-29464 |
Certified for your security needs.