{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-2905", "assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8", "state": "PUBLISHED", "assignerShortName": "WSO2", "dateReserved": "2025-03-28T08:46:09.062Z", "datePublished": "2025-05-05T09:02:01.489Z", "dateUpdated": "2025-05-05T12:45:10.518Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "WSO2 API Manager", "vendor": "WSO2", "versions": [{"lessThanOrEqual": "2.0.0", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "crnkovic"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>An XML External Entity (XXE) vulnerability exists in the gateway component of WSO2 API Manager due to insufficient validation of XML input in crafted URL paths. User-supplied XML is parsed without appropriate restrictions, enabling external entity resolution.</p>\n<p>This vulnerability can be exploited by an unauthenticated remote attacker to read files from the server\u2019s filesystem or perform denial-of-service (DoS) attacks.</p>\n<ul>\n<li>\n<p>On systems running <strong>JDK 7 or early JDK 8</strong>, full file contents may be exposed.</p>\n</li>\n<li>\n<p>On <strong>later versions of JDK 8 and newer</strong>, only the <strong>first line</strong> of a file may be read, due to improvements in XML parser behavior.</p>\n</li>\n<li>\n<p>DoS attacks such as \"Billion Laughs\" payloads can cause service disruption.</p></li></ul>"}], "value": "An XML External Entity (XXE) vulnerability exists in the gateway component of WSO2 API Manager due to insufficient validation of XML input in crafted URL paths. User-supplied XML is parsed without appropriate restrictions, enabling external entity resolution.\n\n\nThis vulnerability can be exploited by an unauthenticated remote attacker to read files from the server\u2019s filesystem or perform denial-of-service (DoS) attacks.\n\n\n\n * \nOn systems running JDK 7 or early JDK 8, full file contents may be exposed.\n\n\n\n\n * \nOn later versions of JDK 8 and newer, only the first line of a file may be read, due to improvements in XML parser behavior.\n\n\n\n\n * \nDoS attacks such as \"Billion Laughs\" payloads can cause service disruption."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-611", "description": "CWE-611 Improper Restriction of XML External Entity Reference", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8", "shortName": "WSO2", "dateUpdated": "2025-05-05T09:02:01.489Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3993/"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Follow the instructions given on&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3993/#solution\">https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3...</a><br>"}], "value": "Follow the instructions given on\u00a0 https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3... https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3993/#solution"}], "source": {"advisory": "WSO2-2025-3993", "discovery": "EXTERNAL"}, "tags": ["unsupported-when-assigned"], "title": "Unauthenticated XML External Entity (XXE) Vulnerability in WSO2 API Manager Gateway Component", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-05T12:44:33.257401Z", "id": "CVE-2025-2905", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-05T12:45:10.518Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-2905", "assignerOrgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8", "state": "PUBLISHED", "assignerShortName": "WSO2", "dateReserved": "2025-03-28T08:46:09.062Z", "datePublished": "2025-05-05T09:02:01.489Z", "dateUpdated": "2025-05-05T12:45:10.518Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "WSO2 API Manager", "vendor": "WSO2", "versions": [{"lessThanOrEqual": "2.0.0", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "crnkovic"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>An XML External Entity (XXE) vulnerability exists in the gateway component of WSO2 API Manager due to insufficient validation of XML input in crafted URL paths. User-supplied XML is parsed without appropriate restrictions, enabling external entity resolution.</p>\n<p>This vulnerability can be exploited by an unauthenticated remote attacker to read files from the server\u2019s filesystem or perform denial-of-service (DoS) attacks.</p>\n<ul>\n<li>\n<p>On systems running <strong>JDK 7 or early JDK 8</strong>, full file contents may be exposed.</p>\n</li>\n<li>\n<p>On <strong>later versions of JDK 8 and newer</strong>, only the <strong>first line</strong> of a file may be read, due to improvements in XML parser behavior.</p>\n</li>\n<li>\n<p>DoS attacks such as \"Billion Laughs\" payloads can cause service disruption.</p></li></ul>"}], "value": "An XML External Entity (XXE) vulnerability exists in the gateway component of WSO2 API Manager due to insufficient validation of XML input in crafted URL paths. User-supplied XML is parsed without appropriate restrictions, enabling external entity resolution.\n\n\nThis vulnerability can be exploited by an unauthenticated remote attacker to read files from the server\u2019s filesystem or perform denial-of-service (DoS) attacks.\n\n\n\n * \nOn systems running JDK 7 or early JDK 8, full file contents may be exposed.\n\n\n\n\n * \nOn later versions of JDK 8 and newer, only the first line of a file may be read, due to improvements in XML parser behavior.\n\n\n\n\n * \nDoS attacks such as \"Billion Laughs\" payloads can cause service disruption."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-611", "description": "CWE-611 Improper Restriction of XML External Entity Reference", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "ed10eef1-636d-4fbe-9993-6890dfa878f8", "shortName": "WSO2", "dateUpdated": "2025-05-05T09:02:01.489Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3993/"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Follow the instructions given on&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3993/#solution\">https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3...</a><br>"}], "value": "Follow the instructions given on\u00a0 https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3... https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3993/#solution"}], "source": {"advisory": "WSO2-2025-3993", "discovery": "EXTERNAL"}, "tags": ["unsupported-when-assigned"], "title": "Unauthenticated XML External Entity (XXE) Vulnerability in WSO2 API Manager Gateway Component", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-2905", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-05-05T12:44:33.257401Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-05T12:44:38.267Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "D867B74E-5FA8-46AF-86D2-FFD478CD5ACC", "versionEndIncluding": "2.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [{"sourceIdentifier": "ed10eef1-636d-4fbe-9993-6890dfa878f8", "tags": ["unsupported-when-assigned"]}], "descriptions": [{"lang": "en", "value": "An XML External Entity (XXE) vulnerability exists in the gateway component of WSO2 API Manager due to insufficient validation of XML input in crafted URL paths. User-supplied XML is parsed without appropriate restrictions, enabling external entity resolution.\n\n\nThis vulnerability can be exploited by an unauthenticated remote attacker to read files from the server\u2019s filesystem or perform denial-of-service (DoS) attacks.\n\n\n\n * \nOn systems running JDK 7 or early JDK 8, full file contents may be exposed.\n\n\n\n\n * \nOn later versions of JDK 8 and newer, only the first line of a file may be read, due to improvements in XML parser behavior.\n\n\n\n\n * \nDoS attacks such as \"Billion Laughs\" payloads can cause service disruption."}, {"lang": "es", "value": "Existe una vulnerabilidad de Entidad Externa XML (XXE) en el componente de puerta de enlace de WSO2 API Manager debido a una validaci\u00f3n insuficiente de la entrada XML en rutas URL manipulada. El XML proporcionado por el usuario se analiza sin las restricciones adecuadas, lo que permite la resoluci\u00f3n de entidades externas. Esta vulnerabilidad puede ser explotada por un atacante remoto no autenticado para leer archivos del sistema de archivos del servidor o realizar ataques de denegaci\u00f3n de servicio (DoS). * En sistemas con JDK 7 o versiones anteriores de JDK 8, el contenido completo de los archivos puede quedar expuesto. * En versiones posteriores de JDK 8 y posteriores, solo se puede leer la primera l\u00ednea de un archivo, gracias a mejoras en el comportamiento del analizador XML. * Los ataques DoS, como los payloads \"Billion Laughs\", pueden causar interrupciones del servicio."}], "id": "CVE-2025-2905", "lastModified": "2025-10-02T16:27:31.157", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "ed10eef1-636d-4fbe-9993-6890dfa878f8", "type": "Secondary"}]}, "published": "2025-05-05T09:15:15.923", "references": [{"source": "ed10eef1-636d-4fbe-9993-6890dfa878f8", "tags": ["Vendor Advisory"], "url": "https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3993/"}], "sourceIdentifier": "ed10eef1-636d-4fbe-9993-6890dfa878f8", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-611"}], "source": "ed10eef1-636d-4fbe-9993-6890dfa878f8", "type": "Secondary"}]}

{}

{"created": "2025-07-14T22:45:34.636434+00:00", "updated": "2025-07-14T22:45:34.636501+00:00", "vendors": ["wso2", "wso2$PRODUCT$api_manager"]}