{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2024-7096","assignerOrgId":"ed10eef1-636d-4fbe-9993-6890dfa878f8","state":"PUBLISHED","assignerShortName":"WSO2","dateReserved":"2024-07-25T06:35:14.323Z","datePublished":"2025-05-30T14:54:32.417Z","dateUpdated":"2025-12-03T07:47:35.374Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"WSO2 Open Banking IAM","vendor":"WSO2","versions":[{"lessThan":"2.0.0","status":"unknown","version":"0","versionType":"custom"},{"lessThan":"2.0.0.364","status":"affected","version":"2.0.0","versionType":"custom"}]},{"defaultStatus":"unaffected","product":"WSO2 Open Banking AM","vendor":"WSO2","versions":[{"lessThan":"1.3.0","status":"unknown","version":"0","versionType":"custom"},{"lessThan":"1.3.0.131","status":"affected","version":"1.3.0","versionType":"custom"},{"lessThan":"1.4.0.134","status":"affected","version":"1.4.0","versionType":"custom"},{"lessThan":"1.5.0.136","status":"affected","version":"1.5.0","versionType":"custom"},{"lessThan":"2.0.0.343","status":"affected","version":"2.0.0","versionType":"custom"}]},{"defaultStatus":"unaffected","product":"WSO2 API Manager","vendor":"WSO2","versions":[{"lessThan":"2.0.0","status":"unknown","version":"0","versionType":"custom"},{"lessThan":"2.0.0.29","status":"affected","version":"2.0.0","versionType":"custom"},{"lessThan":"2.1.0.39","status":"affected","version":"2.1.0","versionType":"custom"},{"lessThan":"2.2.0.56","status":"affected","version":"2.2.0","versionType":"custom"},{"lessThan":"2.5.0.83","status":"affected","version":"2.5.0","versionType":"custom"},{"lessThan":"2.6.0.142","status":"affected","version":"2.6.0","versionType":"custom"},{"lessThan":"3.0.0.162","status":"affected","version":"3.0.0","versionType":"custom"},{"lessThan":"3.1.0.294","status":"affected","version":"3.1.0","versionType":"custom"},{"lessThan":"3.2.0.384","status":"affected","version":"3.2.0","versionType":"custom"},{"lessThan":"3.2.1.16","status":"affected","version":"3.2.1","versionType":"custom"},{"lessThan":"4.0.0.305","status":"affected","version":"4.0.0","versionType":"custom"},{"lessThan":"4.1.0.166","status":"affected","version":"4.1.0","versionType":"custom"},{"lessThan":"4.2.0.101","status":"affected","version":"4.2.0","versionType":"custom"},{"lessThan":"4.3.0.16","status":"affected","version":"4.3.0","versionType":"custom"}]},{"defaultStatus":"unknown","product":"WSO2 Enterprise Mobility Manager","vendor":"WSO2","versions":[{"lessThan":"2.2.0.26","status":"affected","version":"2.2.0","versionType":"custom"}]},{"defaultStatus":"unaffected","product":"WSO2 Identity Server","vendor":"WSO2","versions":[{"lessThan":"5.2.0","status":"unknown","version":"0","versionType":"custom"},{"lessThan":"5.2.0.32","status":"affected","version":"5.2.0","versionType":"custom"},{"lessThan":"5.3.0.33","status":"affected","version":"5.3.0","versionType":"custom"},{"lessThan":"5.4.1.36","status":"affected","version":"5.4.1","versionType":"custom"},{"lessThan":"5.5.0.50","status":"affected","version":"5.5.0","versionType":"custom"},{"lessThan":"5.6.0.58","status":"affected","version":"5.6.0","versionType":"custom"},{"lessThan":"5.7.0.123","status":"affected","version":"5.7.0","versionType":"custom"},{"lessThan":"5.8.0.106","status":"affected","version":"5.8.0","versionType":"custom"},{"lessThan":"5.9.0.157","status":"affected","version":"5.9.0","versionType":"custom"},{"lessThan":"5.10.0.318","status":"affected","version":"5.10.0","versionType":"custom"},{"lessThan":"5.11.0.365","status":"affected","version":"5.11.0","versionType":"custom"},{"lessThan":"6.0.0.209","status":"affected","version":"6.0.0","versionType":"custom"},{"lessThan":"6.1.0.188","status":"affected","version":"6.1.0","versionType":"custom"},{"lessThan":"7.0.0.60","status":"affected","version":"7.0.0","versionType":"custom"}]},{"defaultStatus":"unaffected","product":"WSO2 Identity Server as Key Manager","vendor":"WSO2","versions":[{"lessThan":"5.3.0","status":"unknown","version":"0","versionType":"custom"},{"lessThan":"5.3.0.38","status":"affected","version":"5.3.0","versionType":"custom"},{"lessThan":"5.5.0.51","status":"affected","version":"5.5.0","versionType":"custom"},{"lessThan":"5.6.0.72","status":"affected","version":"5.6.0","versionType":"custom"},{"lessThan":"5.7.0.122","status":"affected","version":"5.7.0","versionType":"custom"},{"lessThan":"5.9.0.165","status":"affected","version":"5.9.0","versionType":"custom"},{"lessThan":"5.10.0.312","status":"affected","version":"5.10.0","versionType":"custom"}]},{"defaultStatus":"unaffected","product":"WSO2 Open Banking KM","vendor":"WSO2","versions":[{"lessThan":"1.3.0","status":"unknown","version":"0","versionType":"custom"},{"lessThan":"1.3.0.114","status":"affected","version":"1.3.0","versionType":"custom"},{"lessThan":"1.4.0.130","status":"affected","version":"1.4.0","versionType":"custom"},{"lessThan":"1.5.0.120","status":"affected","version":"1.5.0","versionType":"custom"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"A privilege escalation vulnerability exists in multiple WSO2 products due to a business logic flaw in SOAP admin services. A malicious actor can create a new user with elevated permissions <b>only when all of the following conditions are met</b>:<br><ul><li>SOAP admin services are accessible to the attacker.</li><li>The deployment includes an internally used attribute that is not part of the default WSO2 product configuration.</li><li>At least one custom role exists with non-default permissions.</li><li>The attacker has knowledge of the custom role and the internal attribute used in the deployment.</li></ul>Exploiting this vulnerability allows malicious actors to assign higher privileges to self-registered users, bypassing intended access control mechanisms.<br>"}],"value":"A privilege escalation vulnerability exists in multiple WSO2 products due to a business logic flaw in SOAP admin services. A malicious actor can create a new user with elevated permissions only when all of the following conditions are met:\n  *  SOAP admin services are accessible to the attacker.\n  *  The deployment includes an internally used attribute that is not part of the default WSO2 product configuration.\n  *  At least one custom role exists with non-default permissions.\n  *  The attacker has knowledge of the custom role and the internal attribute used in the deployment.\n\n\nExploiting this vulnerability allows malicious actors to assign higher privileges to self-registered users, bypassing intended access control mechanisms."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"ADJACENT_NETWORK","availabilityImpact":"NONE","baseScore":4.2,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"LOW","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-863","description":"CWE-863 Incorrect Authorization","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"ed10eef1-636d-4fbe-9993-6890dfa878f8","shortName":"WSO2","dateUpdated":"2025-12-03T07:47:35.374Z"},"references":[{"tags":["vendor-advisory"],"url":"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3573/"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Follow the instructions given on <a target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3573/#solution\">https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3...</a> <br>"}],"value":"Follow the instructions given on  https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3... https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2024/WSO2-2024-3573/#solution"}],"source":{"advisory":"WSO2-2024-3573","discovery":"INTERNAL"},"title":"Privilege Escalation in Multiple WSO2 Products via SOAP Admin Service Due to Business Logic Flaw","x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-05-30T15:01:23.580052Z","id":"CVE-2024-7096","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-05-30T15:01:40.977Z"}}]}}