Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

redhat 3scale api management 2.0 vulnerabilities and exploits

(subscribe to this query)

5.4
CVSSv3
CVE-2020-25634
A flaw was found in Red Hat 3scale’s API docs URL, where it is accessible without credentials. This flaw allows an attacker to view sensitive information or modify service APIs. Versions before 3scale-2.10.0-ER1 are affected....
Redhat 3scaleRedhat 3scale 2.10.0Redhat 3scale Api Management 2.0
7.3
CVSSv3
CVE-2021-3412
It was found that all versions of 3Scale developer portal lacked brute force protections. An attacker could use this gap to bypass login controls, and access privileged information, or possibly conduct further attacks....
Redhat 3scaleRedhat 3scale Api Management 2.0
7.5
CVSSv3
CVE-2019-14852
A flaw was found in 3scale’s APIcast gateway that enabled the TLS 1.0 protocol. An attacker could target traffic using this weaker protocol and break its encryption, gaining access to unauthorized information. Version shipped in Red Hat 3scale API Management Platform is...
Redhat 3scale Api Management 2.0
6.5
CVSSv3
CVE-2021-20252
A flaw was found in Red Hat 3scale API Management Platform 2. The 3scale backend does not perform preventive handling on user-requested date ranges in certain queries allowing a malicious authenticated user to submit a request with a sufficiently large date range to eventually...
Redhat 3scale Api Management 2.0
6.3
CVSSv3
CVE-2020-14388
A flaw was found in the Red Hat 3scale API Management Platform, where member permissions for an API's admin portal were not properly enforced. This flaw allows an authenticated user to bypass normal account restrictions and access API services where they do not have...
Redhat 3scale Api Management 2.0
7
CVSSv3
CVE-2021-3609
.A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege...
Linux Linux KernelLinux Linux Kernel 5.13Redhat 3scale Api Management 2.0Redhat Build Of Quarkus 1.0Redhat Openshift Container Platform 4.6Redhat Openshift Container Platform 4.7Redhat Openshift Container Platform 4.8Redhat Virtualization 4.0Redhat Virtualization Host 4.0Redhat Codeready Linux Builder Eus 8.1Redhat Codeready Linux Builder Eus 8.2Redhat Codeready Linux Builder Eus 8.4Redhat Codeready Linux Builder For Power Little Endian Eus 8.1Redhat Codeready Linux Builder For Power Little Endian Eus 8.2Redhat Codeready Linux Builder For Power Little Endian Eus 8.4Redhat Enterprise Linux Aus 8.2Redhat Enterprise Linux Eus 8.1Redhat Enterprise Linux Eus 8.2Redhat Enterprise Linux Eus 8.4Redhat Enterprise Linux For Ibm Z Systems Eus 8.4Redhat Enterprise Linux For Ibm Z Systems Eus S390x 8.1Redhat Enterprise Linux For Power Little Endian Eus 8.1Redhat Enterprise Linux For Power Little Endian Eus 8.2Redhat Enterprise Linux For Power Little Endian Eus 8.4Redhat Enterprise Linux For Real Time 8.0Redhat Enterprise Linux For Real Time For Nfv 8.0Redhat Enterprise Linux For Real Time For Nfv Tus 8.0Redhat Enterprise Linux For Real Time For Nfv Tus 8.2Redhat Enterprise Linux For Real Time Tus 8.0Redhat Enterprise Linux For Real Time Tus 8.2Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Aus 8.4Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.1Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.2Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.4Redhat Enterprise Linux Server Tus 8.2Redhat Enterprise Linux Server Tus 8.4Redhat Enterprise Linux Server Update Services For Sap Solutions 8.1Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2Redhat Enterprise Linux Server Update Services For Sap Solutions 8.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-29214CVE-2022-29432CVE-2022-1388LFICVE-2022-1813SSRFCVE-2022-20821CVE-2021-41834XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook