HIGH🇵🇱 Wersja polska

CVE-2021-3412

CVSS 7.3v3.1pub. 2021-06-01upd. 2024-11-21

It was found that all versions of 3Scale developer portal lacked brute force protections. An attacker could use this gap to bypass login controls, and access privileged information, or possibly conduct further attacks.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
  • Red Hat 3scale

    APP
    Redhat
    wszystkie wersje
  • Red Hat 3scale Api Management

    APP
    Redhat
    2.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2024-10295HIGH7.5ten sam produkt

A flaw was found in Gateway. Sending a non-base64 'basic' auth with special characters can cause APICast to in...

CVE-2022-1414HIGH8.8ten sam produkt

3scale API Management 2 does not perform adequate sanitation for user input in multiple fields. An authenticat...

CVE-2021-3814HIGH7.5ten sam produkt

It was found that 3scale's APIdocs does not validate the access token, in the case of invalid token, it uses s...

CVE-2022-0330HIGH7.8ten sam produkt

A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a ...

CVE-2021-3656HIGH8.8ten sam produkt

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processi...