PT-2019-18133 · Wso2 · Wso2 Api Manager
Published
2019-05-14
·
Updated
2020-08-24
·
CVE-2019-6515
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
WSO2 API Manager version 2.6.0
Description
An issue was discovered where uploaded documents for API documentation are accessible to unauthenticated users.
Recommendations
For WSO2 API Manager version 2.6.0, restrict access to uploaded API documentation to authenticated users only.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Wso2 Api Manager