An authenticated remote code execution (RCE) vulnerability exists in multiple WSO2 products due to improper input validation in the event processor admin service. A user with administrative access to the SOAP admin services can exploit this flaw by deploying a Siddhi execution plan containing malicious Java code, resulting in arbitrary code execution on the server.
Exploitation of this vulnerability requires a valid user account with administrative privileges, limiting the attack surface to authenticated but potentially malicious users.
{
"versions": [
{
"introduced": "0"
},
{
"last_affected": "4.5.0-NA"
},
{
"introduced": "0"
},
{
"last_affected": "3.0.0"
},
{
"introduced": "0"
},
{
"last_affected": "3.1.0"
},
{
"introduced": "0"
},
{
"last_affected": "3.2.0"
},
{
"introduced": "0"
},
{
"last_affected": "4.0.0"
},
{
"introduced": "0"
},
{
"last_affected": "4.1.0-NA"
},
{
"introduced": "0"
},
{
"last_affected": "4.2.0-NA"
},
{
"introduced": "0"
},
{
"last_affected": "4.3.0-NA"
},
{
"introduced": "0"
},
{
"last_affected": "4.4.0-NA"
},
{
"introduced": "0"
},
{
"last_affected": "4.5.0-NA"
},
{
"introduced": "0"
},
{
"last_affected": "2.0.0"
},
{
"introduced": "0"
},
{
"last_affected": "4.5.0"
}
]
}