Описание
A flaw was found in APICast, when 3Scale's OIDC module does not properly evaluate the response to a mismatched token from a separate realm. This could allow a separate realm to be accessible to an attacker, permitting access to unauthorized information.
Ссылки
- Vendor Advisory
- ExploitIssue TrackingVendor Advisory
- Vendor Advisory
- ExploitIssue TrackingVendor Advisory
Уязвимые конфигурации
Одно из
EPSS
7.4 High
CVSS3
7.5 High
CVSS3
Дефекты
Связанные уязвимости
A flaw was found in APICast, when 3Scale's OIDC module does not properly evaluate the response to a mismatched token from a separate realm. This could allow a separate realm to be accessible to an attacker, permitting access to unauthorized information.
A flaw was found in APICast, when 3Scale's OIDC module does not properly evaluate the response to a mismatched token from a separate realm. This could allow a separate realm to be accessible to an attacker, permitting access to unauthorized information.
EPSS
7.4 High
CVSS3
7.5 High
CVSS3