CVE-2025-9312P2CRITICALCVSS 9.8≥ 1.1.1, < 1.1.1.2·≥ 1.1.16, < 1.1.16.3+13 more2025-11-18
CVE-2025-9312 [CRITICAL] CWE-306 CVE-2025-9312: A missing authentication enforcement vulnerability exists in the mutual TLS (mTLS) implementation us
A missing authentication enforcement vulnerability exists in the mutual TLS (mTLS) implementation used by System REST APIs and SOAP services in multiple WSO2 products. Due to improper validation of client certificate–based authentication in certain default configurations, the affected components may permit unauthenticated requests even when mTLS is
nvd