admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2024/CVE-2024-7097.md
0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09
2025-09-29 21:09:30 +02:00

55 lines
4.2 KiB
Markdown
Raw Permalink Blame History

### [CVE-2024-7097](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7097)
![](https://img.shields.io/static/v1?label=Product&message=WSO2%20API%20Manager&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=WSO2%20Enterprise%20Mobility%20Manager&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=WSO2%20Identity%20Server%20as%20Key%20Manager&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=WSO2%20Identity%20Server&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=WSO2%20Open%20Banking%20AM&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=WSO2%20Open%20Banking%20IAM&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=WSO2%20Open%20Banking%20KM&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=1.3.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=1.4.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=1.5.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2.0.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2.1.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2.2.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2.5.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2.6.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=3.0.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=3.1.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=3.2.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=3.2.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=4.0.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=4.1.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=4.2.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=4.3.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.10.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.11.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.2.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.3.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.4.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.4.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.5.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.6.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.7.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.8.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=5.9.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.0.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.1.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.0.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)
### Description
An incorrect authorization vulnerability exists in multiple WSO2 products due to a flaw in the SOAP admin service, which allows user account creation regardless of the self-registration configuration settings. This vulnerability enables malicious actors to create new user accounts without proper authorization.Exploitation of this flaw could allow an attacker to create multiple low-privileged user accounts, gaining unauthorized access to the system. Additionally, continuous exploitation could lead to system resource exhaustion through mass user creation.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/20142995/nuclei-templates
- https://github.com/cyb3r-w0lf/nuclei-template-collection
Reference in New Issue View Git Blame Copy Permalink