Critical severityNVD Advisory· Published May 20, 2020· Updated Aug 4, 2024
CVE-2020-13226
CVE-2020-13226
Description
WSO2 API Manager 3.0.0 does not properly restrict outbound network access from a Publisher node, opening up the possibility of SSRF to this node's entire intranet.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.wso2.am:am-parentMaven | <= 3.0.0 | — |
Affected products
2- WSO2/API Managerdescription
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-jfgp-q2hg-w285ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-13226ghsaADVISORY
- docs.wso2.com/display/Security/Security+Advisoriesghsax_refsource_MISCWEB
- docs.wso2.com/display/Security/WSO2+Security+Vulnerability+Management+Processghsax_refsource_MISCWEB
- github.com/wso2/docs-apim/issues/816ghsax_refsource_MISCWEB
- github.com/wso2/product-apim/issues/7677ghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.