1. CVE-Search
  2. CVE-2020-14446
ID CVE-2020-14446
Summary An issue was discovered in WSO2 Identity Server through 5.10.0 and WSO2 IS as Key Manager through 5.10.0. An open redirect exists.
References
Vulnerable Configurations
  • cpe:2.3:a:wso2:identity_server_as_key_manager:-:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server_as_key_manager:-:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server_as_key_manager:1.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server_as_key_manager:1.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server_as_key_manager:1.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server_as_key_manager:1.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server_as_key_manager:1.10.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server_as_key_manager:1.10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server_as_key_manager:2.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server_as_key_manager:2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server_as_key_manager:2.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server_as_key_manager:2.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server_as_key_manager:2.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server_as_key_manager:2.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server_as_key_manager:2.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server_as_key_manager:2.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server_as_key_manager:2.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server_as_key_manager:2.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server_as_key_manager:3.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server_as_key_manager:3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server_as_key_manager:3.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server_as_key_manager:3.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server_as_key_manager:5.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server_as_key_manager:5.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server_as_key_manager:5.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server_as_key_manager:5.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server_as_key_manager:5.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server_as_key_manager:5.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server_as_key_manager:5.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server_as_key_manager:5.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server_as_key_manager:5.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server_as_key_manager:5.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server_as_key_manager:5.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server_as_key_manager:5.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server_as_key_manager:5.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server_as_key_manager:5.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server_as_key_manager:5.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server_as_key_manager:5.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server_as_key_manager:5.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server_as_key_manager:5.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server_as_key_manager:5.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server_as_key_manager:5.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server_as_key_manager:5.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server_as_key_manager:5.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server_as_key_manager:5.10.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server_as_key_manager:5.10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:1.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:1.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:2.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:2.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:2.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:3.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:3.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:3.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:3.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:3.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:3.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:3.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:3.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:4.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:4.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:4.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:4.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:4.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:4.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:4.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:4.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:5.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:5.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:5.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:5.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:5.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:5.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:5.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:5.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:5.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:5.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:5.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:5.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:5.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:5.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:5.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:5.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:5.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:5.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:5.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:5.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:5.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:5.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:wso2:identity_server:5.10.0:*:*:*:*:*:*:*
    cpe:2.3:a:wso2:identity_server:5.10.0:*:*:*:*:*:*:*
CVSS
Base: 5.8 (as of 16-11-2022 - 03:49)
Impact:
Exploitability:
CWE CWE-601
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:N
refmap via4
confirm https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2020-0713
misc https://cybersecurityworks.com/zerodays/cve-2020-14446-wso2.html
Last major update 16-11-2022 - 03:49
Published 18-06-2020 - 18:15
Last modified 16-11-2022 - 03:49
Back to Top