Description


It was found that all versions of 3Scale developer portal lacked brute force protections. An attacker could use this gap to bypass login controls, and access privileged information, or possibly conduct further attacks.

Related CPE's


Vulnerable

References


Weaknesses



CWE-307


CWE-307

CVSS impact metrics


CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

7.3 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information


Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2021-06-01T14:15:10.267

4 years ago

Last modified

2022-06-03T17:24:27.460

3 years ago