CVE-2019-15630

Published: Aug 30, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider components in MuleSoft Mule Runtime 3.2.0 and higher released before August 1 2019, MuleSoft Mule Runtime 4.1.0 and higher released before August 1 2019, and all versions of MuleSoft API Gateway released before August 1 2019 allow remote attackers to read files accessible to the Mule process.

Vendor	Product	Versions
Salesforce, Inc.	Mulesoft	affected `3.x and 4.x released before August 1 2019`
Salesforce, Inc.	Mulesoft API Gateway	affected `All versions`

References

https://help.salesforce.com/apex/HTViewSolution?urlname=CVE-2019-15630-Directory-Traversal-in-MuleSoft-Runtime&language=en_US

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-15630

Description

Affected Products

References