Security Advisory WSO2-2019-0655¶
Published: December 02, 2019
CVSS Score: 5.8 (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L)
- WSO2 IS as Key Manager
- WSO2 Identity Server
Upgrade the WSO2 IS as Key Manager to 5.9.0 and WSO2 Identity Server to 5.9.0 or higher released version which is not affected by this vulnerability. If you have any questions, post them to firstname.lastname@example.org.
If you are a WSO2 customer with a support subscription, use WSO2 Update Manager (WUM) updates in order to apply the fix. This patch is intended for WSO2 community (free) users.