CVE-2021-3412

Published at:
2021-06-01T14:15:10.267
Source: [email protected]

Global infos:

It was found that all versions of 3Scale developer portal lacked brute force protections. An attacker could use this gap to bypass login controls, and access privileged information, or possibly conduct further attacks.

CVE Status: Modified

References:

  • [email protected]
  • af854a3a-2127-422b-91ae-364da2661108
    •

    Metrics:

    AttributeValue
    Attack ComplexityLOW
    Attack VectorNETWORK
    Availability ImpactLOW
    Base Score7.3
    Base SeverityHIGH
    Confidentiality ImpactLOW
    Integrity ImpactLOW
    Privileges RequiredNONE
    ScopeUNCHANGED
    User InteractionNONE
    Vector StringCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
    Exploitability Score3.9
    Impact Score3.4
    Source[email protected]
    TypePrimary

    Links:

    Exploit-db
    Github

    Most recherched CVEs
    Popular Keywords