CVE-2024-3511

Name of the Vulnerable Software and Affected Versions: WSO2 products (affected versions not specified)

Description: An incorrect authorization issue exists, allowing unauthorized access to versioned files stored in the registry. This is due to flawed authorization logic, which can be exploited by a malicious actor with access to the management console to retrieve versioned files without proper authorization. Successful exploitation could lead to unauthorized disclosure of configuration or resource files, potentially aiding further attacks or system reconnaissance.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.