CVE-2021-3412

It was found that all versions of 3Scale developer portal lacked brute force protections. An attacker could use this gap to bypass login controls, and access privileged information, or possibly conduct further attacks.
References
Link Resource
https://bugzilla.redhat.com/show_bug.cgi?id=1928301 Issue Tracking Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:redhat:3scale:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:3scale_api_management:2.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-06-01 14:15

Updated : 2024-02-28 18:28


NVD link : CVE-2021-3412

Mitre link : CVE-2021-3412

CVE.ORG link : CVE-2021-3412


JSON object : View

Products Affected

redhat

  • 3scale_api_management
  • 3scale
CWE
CWE-307

Improper Restriction of Excessive Authentication Attempts