Wso2 Carbon Api Manager Rest Api Utility
By the Year
In 2026 there has been 1 vulnerability in Wso2 Carbon Api Manager Rest Api Utility with an average score of 6.3 out of ten.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 1 | 6.30 |
It may take a day or so for new Wso2 Carbon Api Manager Rest Api Utility vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent Wso2 Carbon Api Manager Rest Api Utility Security Vulnerabilities
WSO2 APIM 3.x RBAC Bypass in Gateway & Internal Service APIs
CVE-2025-8325
6.3 - Medium - May 11, 2026
The software fails to enforce role-based access controls for certain Gateway API invocations. Users with the 'Internal/Everyone' role can invoke these APIs, bypassing intended permission checks. This same vulnerability also affects Internal Service APIs, potentially exposing them in WSO2 APIM 3.x versions. A malicious actor with a valid user account on a vulnerable deployment can perform sensitive operations against the Gateway REST API regardless of their actual roles or privileges. This could lead to unintended behavior or misuse, particularly in production environments.
Improper Preservation of Permissions