CVE-2019-15630
N/A
N/A
Summary
Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider components in MuleSoft Mule Runtime 3.2.0 and higher released before August 1 2019, MuleSoft Mule Runtime 4.1.0 and higher released before August 1 2019, and all versions of MuleSoft API Gateway released before August 1 2019 allow remote attackers to read files accessible to the Mule process.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Salesforce, Inc. | Mulesoft | 3.x and 4.x released before August 1 2019 | affected |
| Salesforce, Inc. | Mulesoft API Gateway | All versions | affected |
Weaknesses
- Directory Traversal (Local File Inclusion)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.