redhat 3scale api management 2.0 vulnerabilities and exploits

(subscribe to this query)

A flaw was found In 3Scale Admin Portal. If a user logs out from the personal tokens page and then presses the back button in the browser, the tokens page is rendered from the browser cache.

Redhat 3scale Api Management 2.0

3scale API Management 2 does not perform adequate sanitation for user input in multiple fields. An authenticated user could use this flaw to inject scripts and possibly gain access to sensitive information or conduct further attacks.

Redhat 3scale Api Management 2.0

.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege e...

Linux Linux Kernel Redhat Virtualization Host 4.0 Redhat Virtualization 4.0 Redhat Enterprise Linux Eus 8.1 Redhat Enterprise Linux Eus 8.2 Redhat Enterprise Linux Server Tus 8.2 Redhat Enterprise Linux Server Aus 8.2 Redhat Enterprise Linux Aus 8.2 Redhat Openshift Container Platform 4.6 Redhat 3scale Api Management 2.0 Redhat Openshift Container Platform 4.7 Redhat Enterprise Linux Server Tus 8.4 Redhat Enterprise Linux Eus 8.4 Redhat Enterprise Linux For Real Time For Nfv Tus 8.2 Redhat Enterprise Linux For Real Time Tus 8.2 Redhat Enterprise Linux Server Aus 8.4 Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2 Redhat Enterprise Linux Server Update Services For Sap Solutions 8.4 Redhat Enterprise Linux Server Update Services For Sap Solutions 8.1 Redhat Enterprise Linux For Power Little Endian Eus 8.2 Redhat Enterprise Linux For Power Little Endian Eus 8.1 Redhat Enterprise Linux For Ibm Z Systems Eus 8.4

A flaw was found in the Red Hat 3scale API Management Platform, where member permissions for an API's admin portal were not properly enforced. This flaw allows an authenticated user to bypass normal account restrictions and access API services where they do not have permissi...

Redhat 3scale Api Management 2.0

It was found that all versions of 3Scale developer portal lacked brute force protections. An attacker could use this gap to bypass login controls, and access privileged information, or possibly conduct further attacks.

Redhat 3scale Api Management 2.0 Redhat 3scale

A flaw was found in Red Hat 3scale’s API docs URL, where it is accessible without credentials. This flaw allows an malicious user to view sensitive information or modify service APIs. Versions prior to 3scale-2.10.0-ER1 are affected.

Redhat 3scale Api Management 2.0 Redhat 3scale Redhat 3scale 2.10.0

A flaw was found in 3scale’s APIcast gateway that enabled the TLS 1.0 protocol. An attacker could target traffic using this weaker protocol and break its encryption, gaining access to unauthorized information. Version shipped in Red Hat 3scale API Management Platform is vul...

Redhat 3scale Api Management 2.0

A flaw was found in Red Hat 3scale API Management Platform 2. The 3scale backend does not perform preventive handling on user-requested date ranges in certain queries allowing a malicious authenticated user to submit a request with a sufficiently large date range to eventually yi...

Redhat 3scale Api Management 2.0

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook