Security Advisory WSO2-2021-1260

Published: September 02, 2021

Version: 1.0.0

Severity: Medium

CVSS Score: 6.1 (CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H)


AFFECTED PRODUCTS

  • WSO2 Enterprise Integrator : 6.1.0 , 6.1.1 , 6.2.0

OVERVIEW

Arbitrary file deletion vulnerability in the Management Console.

DESCRIPTION

Due to the unsanitized user input in the Artifact Upload feature, an arbitrary file deletion attack could be carried out by a malicious actor.

IMPACT

In order to exploit this vulnerability, the malicious actor should have a valid user account with required administrative privileges to authenticate to the Management Console and should be able to reach it (WSO2 Security Guidelines for Production Deployment 1 recommends not to publicly expose the Management Console). If such access could be obtained, the malicious actor could delete any file from the host machine if the system user account running the WSO2 server has the privilege to delete those files.

SOLUTION

If the latest version of the affected WSO2 product is not mentioned under the affected product list, you may migrate to the latest version to receive security fixes.

Otherwise, you may apply the relevant fixes to the product based on the public fix(s):

Info

If you are a WSO2 customer with a support subscription, use WSO2 Updates in order to apply the fix.

CREDITS

WSO2 thanks, Matei Mal Badanoiu for responsibly reporting the identified issue and working with us as we addressed it.

REFERENCES