HIGH🇬🇧 English

CVE-2022-1414

CVSS 8.8v3.1pub. 2022-10-19upd. 2025-05-09

3scale API Management 2 does not perform adequate sanitation for user input in multiple fields. An authenticated user could use this flaw to inject scripts and possibly gain access to sensitive information or conduct further attacks.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Red Hat 3scale Api Management

    APP
    Redhat
    2.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2024-10295HIGH7.5ten sam produkt

A flaw was found in Gateway. Sending a non-base64 'basic' auth with special characters can cause APICast to in...

CVE-2022-0330HIGH7.8ten sam produkt

A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a ...

CVE-2021-3656HIGH8.8ten sam produkt

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processi...

CVE-2021-3609HIGH7.0ten sam produkt

.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a f...

CVE-2021-3412HIGH7.3ten sam produkt

It was found that all versions of 3Scale developer portal lacked brute force protections. An attacker could us...