Security Advisory WSO2-2022-2182¶
Published: June 15, 2023
Version: 1.0.0
Severity: High
CVSS Score: 8.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L)
AFFECTED PRODUCTS - REFER TO PATCH LIST BELOW¶
- API Manager 3.1.0, 3.2.0 limited to the following profiles:
- Default profile (all-in-one)
- Api-devportal profile
- Api-key-manager profile
- Api-publisher profile
- API Manager 4.0.0, 4.1.0 limited to the following profiles:
- Default profile (all-in-one)
- Control-plane profile
- WSO2 Identity Server 5.10.0, 5.11.0
- WSO2 Identity Server as Key Manager 5.10.0
- WSO2 Open Banking AM 2.0.0, 3.0.0
- WSO2 Open Banking IAM 2.0.0, 3.0.0
Warning
WSO2 proactively issues security patches for all the supported product versions listed under WSO2 Support Matrix (available and deprecated status). The vulnerability may affect older product versions that are in extended and discontinued statuses as well.
OVERVIEW¶
A potential authenticated SQL Injection vulnerability in the OAuth2 endpoint.
DESCRIPTION¶
A specific user input accepted by the OAuth2 endpoint is vulnerable to an SQL Injection. In order to exploit the vulnerability, a malicious actor needs to be authenticated.
IMPACT¶
A successful SQL injection attack could result in unauthorized access or alterations to data in the database.
Info
If you are a WSO2 customer with Support Subscription, please use WSO2 Updates in order to apply the fix.
The update levels are available in the below table. You should update your product to the specified update level or a higher update level to apply the fix
| Product Name | Product Version | Update Level | WUM Timestamp |
|---|---|---|---|
| WSO2 API Manager | 3.1.0 | 162 | 1664976509070 |
| WSO2 API Manager | 3.2.0 | 203 | 1664976509070 |
| WSO2 API Manager | 4.0.0 | 148 | N/A |
| WSO2 API Manager | 4.1.0 | 35 | N/A |
| WSO2 Identity Server | 5.10.0 | 176 | 1664976509070 |
| WSO2 Identity Server | 5.11.0 | 189 | N/A |
| WSO2 Identity Server as Key Manager | 5.10.0 | 176 | 1664976509070 |
| WSO2 Open Banking AM | 2.0.0 | 198 | 1664976509070 |
| WSO2 Open Banking AM Accelerator | 3.0.0 | Refer to WSO2AM-4.0.0 update level since this vulnerability is originating from the base product | N/A |
| WSO2 Open Banking IAM | 2.0.0 | 208 | 1664976509070 |
| WSO2 Open Banking IAM Accelerator | 3.0.0 | Refer to WSO2IAM-5.11.0 update level since this vulnerability is originating from the base product | N/A |
If you are an open-source user or using a product version that is EOL (End of License) :
You may migrate to the latest version of the product if the latest version is not listed under the list of the affected products. Otherwise, you may apply the relevant fixes to the product based on the public fixes as given below: - https://github.com/wso2-extensions/identity-inbound-auth-oauth/pull/1603