CVE-2025-5717
Published: Sep 23, 2025
Modified: Oct 31, 2025
CVSS v3.1
6.8
Description
An authenticated remote code execution (RCE) vulnerability exists in multiple WSO2 products due to improper input validation in the event processor admin service. A user with administrative access to the SOAP admin services can exploit this flaw by deploying a Siddhi execution plan containing malicious Java code, resulting in arbitrary code execution on the server. Exploitation of this vulnerability requires a valid user account with administrative privileges, limiting the attack surface to authenticated but potentially malicious users.
| Vendor | Product | Versions |
|---|---|---|
WSO2 | WSO2 API Manager | unknown 0 - < 3.0.0affected 3.0.0 - < 3.0.0.174affected 3.1.0 - < 3.1.0.330affected 3.2.0 - < 3.2.0.426affected 3.2.1 - < 3.2.1.46+6 more versions |
WSO2 | WSO2 Open Banking AM | unknown 0 - < 2.0.0affected 2.0.0 - < 2.0.0.379 |
WSO2 | WSO2 Traffic Manager | affected 4.5.0 - < 4.5.0.6 |
WSO2 | WSO2 API Control Plane | affected 4.5.0 - < 4.5.0.6 |
WSO2 | Siddhi Extension Evaluate Scripts | affected 3.2.6 - < 3.2.6.8affected 3.2.7 - < 3.2.7.6affected 3.2.8 - < 3.2.8.3affected 3.2.10 - < 3.2.10.1affected 3.2.13 - < 3.2.13.2+2 more versions |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now