Vulnerabilities > Redhat > 3Scale API Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-06 | CVE-2023-4910 | Exposure of Resource to Wrong Sphere vulnerability in Redhat 3Scale API Management 2.0 A flaw was found In 3Scale Admin Portal. | 5.5 |
| 2022-10-19 | CVE-2022-1414 | Improper Input Validation vulnerability in Redhat 3Scale API Management 2.0 3scale API Management 2 does not perform adequate sanitation for user input in multiple fields. | 8.8 |
| 2022-03-25 | CVE-2022-0330 | Improper Preservation of Permissions vulnerability in multiple products A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. | 7.8 |
| 2022-03-04 | CVE-2021-3656 | Missing Authorization vulnerability in multiple products A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. | 8.8 |
| 2022-03-03 | CVE-2021-3609 | Race Condition vulnerability in multiple products .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. | 7.0 |
| 2021-06-02 | CVE-2020-14388 | Unspecified vulnerability in Redhat 3Scale API Management 2.0 A flaw was found in the Red Hat 3scale API Management Platform, where member permissions for an API's admin portal were not properly enforced. | 6.5 |
| 2021-06-01 | CVE-2021-3412 | Improper Restriction of Excessive Authentication Attempts vulnerability in Redhat 3Scale and 3Scale API Management It was found that all versions of 3Scale developer portal lacked brute force protections. | 5.0 |
| 2021-05-26 | CVE-2020-25634 | Missing Authentication for Critical Function vulnerability in Redhat 3Scale and 3Scale API Management A flaw was found in Red Hat 3scale’s API docs URL, where it is accessible without credentials. | 5.4 |
| 2021-03-18 | CVE-2019-14852 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Redhat 3Scale API Management 2.0 A flaw was found in 3scale’s APIcast gateway that enabled the TLS 1.0 protocol. | 5.0 |
| 2021-02-23 | CVE-2021-20252 | Improper Input Validation vulnerability in Redhat 3Scale API Management 2.0 A flaw was found in Red Hat 3scale API Management Platform 2. | 6.8 |