First published: Fri Feb 12 2021(Updated: )
It was found that all versions of 3Scale developer portal lacked brute force protections. An attacker could use this gap to bypass login controls, and access privileged information, or possibly conduct further attacks.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Redhat 3scale | ||
Redhat 3scale Api Management | =2.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2021-3412.
The impact of CVE-2021-3412 is that an attacker could bypass login controls and access privileged information or carry out further attacks.
All versions of 3Scale developer portal are affected.
The severity of CVE-2021-3412 is high with a CVSS score of 7.3.
Yes, a fix is available. Please refer to the provided reference link for more information.