It was found that all versions of 3Scale developer portal lacked brute force protections. An attacker could use this gap to bypass login controls, and access privileged information, or possibly conduct further attacks.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:LRed Hat 3scale
APPRedhatwszystkie wersjeRed Hat 3scale Api Management
APPRedhat2.0
Powiązane podatności
A flaw was found in Gateway. Sending a non-base64 'basic' auth with special characters can cause APICast to in...
3scale API Management 2 does not perform adequate sanitation for user input in multiple fields. An authenticat...
It was found that 3scale's APIdocs does not validate the access token, in the case of invalid token, it uses s...
A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a ...
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processi...