CVE-2021-3412

It was found that all versions of 3Scale developer portal lacked brute force protections. An attacker could use this gap to bypass login controls, and access privileged information, or possibly conduct further attacks.
References
Link Resource
https://bugzilla.redhat.com/show_bug.cgi?id=1928301 Issue Tracking Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:redhat:3scale_api_management:2.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:3scale:*:*:*:*:*:*:*:*

Information

Published : 2021-06-01 02:15

Updated : 2022-06-03 05:24


NVD link : CVE-2021-3412

Mitre link : CVE-2021-3412

Products Affected
CWE
CWE-307

Improper Restriction of Excessive Authentication Attempts