Carbon Identity Application Authentication Framework
1 CVEs
product
Monthly
Multiple WSO2 products have been identified as vulnerable to perform user impersonatoin using JIT provisioning. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable. No vendor patch available.
Authentication Bypass
Api Manager
Identity Server
Identity Server As Key Manager
Carbon Identity Application Authentication Endpoint
+1
NVD
CVSS 3.1
8.2
EPSS
0.5%
CVE-2023-6837
Maven
EPSS 0%
CVSS 8.2
HIGH
PATCH
This Week
Multiple WSO2 products have been identified as vulnerable to perform user impersonatoin using JIT provisioning. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable. No vendor patch available.
Authentication Bypass
Api Manager
Identity Server
+3
NVD