Vulnerabilities > CVE-2020-14388 - Unspecified vulnerability in Redhat 3Scale API Management 2.0

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

redhat

NVD

Published: 2021-06-02

Updated: 2022-07-25

Summary

A flaw was found in the Red Hat 3scale API Management Platform, where member permissions for an API's admin portal were not properly enforced. This flaw allows an authenticated user to bypass normal account restrictions and access API services where they do not have permission.

Vulnerable Configurations

Part	Description	Count
Application	Redhat Redhat 3Scale API Management 2.0	1

References

https://bugzilla.redhat.com/show_bug.cgi?id=1875553