Vulnerabilities > CVE-2020-14388 - Unspecified vulnerability in Redhat 3Scale API Management 2.0

CVSS 6.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

LOW

network

low complexity

redhat

NVD

Published: 2021-06-02

Updated: 2024-11-21

Summary

A flaw was found in the Red Hat 3scale API Management Platform, where member permissions for an API's admin portal were not properly enforced. This flaw allows an authenticated user to bypass normal account restrictions and access API services where they do not have permission.

Vulnerable Configurations

Part	Description	Count
Application	Redhat Redhat 3Scale API Management 2.0	1

References

https://bugzilla.redhat.com/show_bug.cgi?id=1875553
https://bugzilla.redhat.com/show_bug.cgi?id=1875553