Описание
It was found that all versions of 3Scale developer portal lacked brute force protections. An attacker could use this gap to bypass login controls, and access privileged information, or possibly conduct further attacks.
Ссылки
- Issue TrackingVendor Advisory
- Issue TrackingVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:redhat:3scale:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:3scale_api_management:2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00153
Низкий
7.3 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-307
CWE-307
Связанные уязвимости
CVSS3: 5.6
redhat
почти 5 лет назад
It was found that all versions of 3Scale developer portal lacked brute force protections. An attacker could use this gap to bypass login controls, and access privileged information, or possibly conduct further attacks.
CVSS3: 7.3
github
больше 3 лет назад
It was found that all versions of 3Scale developer portal lacked brute force protections. An attacker could use this gap to bypass login controls, and access privileged information, or possibly conduct further attacks.
EPSS
Процентиль: 36%
0.00153
Низкий
7.3 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-307
CWE-307