Identity Server
by Wso2
Standard maintenance is sufficient
Identity Server has low exploitation rates. Attackers rarely target this software's known vulnerabilities.
What to do
- Keep automatic updates enabled
- No urgent action needed
- Review periodically as part of normal maintenance
What Attackers Target
Vulnerabilities with high exploit probability
6.8%
Confirmed actively exploited (CISA)
1.7%
Public exploit code available
3.4%
Based on 59 known vulnerabilities. Percentages show the proportion that are actively dangerous — a low percentage means most vulnerabilities in this product are not being exploited.
Most Dangerous Vulnerabilities
| CVE | CVSS | Exploit Probability | Confirmed |
|---|---|---|---|
| CVE-2022-29464 | 9.8 | 94.4% | Yes |
| CVE-2022-29548 | 4.6 | 76.4% | — |
| CVE-2020-17453 | 6.1 | 64.4% | — |
| CVE-2024-7097 | 4.3 | 25.2% | — |
| CVE-2017-14651 | 4.8 | 7.6% | — |
| CVE-2016-4312 | 7.5 | 5.4% | — |
| CVE-2025-5605 | 4.3 | 3.9% | — |
| CVE-2021-42646 | 9.1 | 1.3% | — |
| CVE-2018-8716 | 5.4 | 1.0% | — |
| CVE-2019-20437 | 6.1 | 0.8% | — |
| CVE-2019-20436 | 6.1 | 0.8% | — |
| CVE-2020-24706 | 6.1 | 0.7% | — |
| CVE-2021-36760 | 6.1 | 0.7% | — |
| CVE-2023-6838 | 6.1 | 0.6% | — |
| CVE-2025-12107 | 8.4 | 0.6% | — |
| CVE-2024-6914 | 9.8 | 0.5% | — |
| CVE-2019-20443 | 4.8 | 0.5% | — |
| CVE-2019-20442 | 4.8 | 0.5% | — |
| CVE-2020-12719 | 7.2 | 0.4% | — |
| CVE-2020-24703 | 8.8 | 0.4% | — |
7
/ 100
low-risk
Active Threat
5/50 · Minimal
Exploit Availability
2/50 · Minimal
Score uses Wilson score intervals to account for sample size. Products with few CVEs are scored conservatively.