Security Advisory WSO2-2021-1260¶
Published: September 02, 2021
Version: 1.0.0
Severity: Medium
CVSS Score: 6.1 (CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H)
AFFECTED PRODUCTS¶
- WSO2 Enterprise Integrator : 6.1.0 , 6.1.1 , 6.2.0
OVERVIEW¶
Arbitrary file deletion vulnerability in the Management Console.
DESCRIPTION¶
Due to the unsanitized user input in the Artifact Upload feature, an arbitrary file deletion attack could be carried out by a malicious actor.
IMPACT¶
In order to exploit this vulnerability, the malicious actor should have a valid user account with required administrative privileges to authenticate to the Management Console and should be able to reach it (WSO2 Security Guidelines for Production Deployment 1 recommends not to publicly expose the Management Console). If such access could be obtained, the malicious actor could delete any file from the host machine if the system user account running the WSO2 server has the privilege to delete those files.
SOLUTION¶
If the latest version of the affected WSO2 product is not mentioned under the affected product list, you may migrate to the latest version to receive security fixes.
Otherwise, you may apply the relevant fixes to the product based on the public fix(s):
Info
If you are a WSO2 customer with a support subscription, use WSO2 Updates in order to apply the fix.
CREDITS¶
WSO2 thanks, Matei Mal Badanoiu for responsibly reporting the identified issue and working with us as we addressed it.