Vulnerabilities > Redhat > 3Scale API Management > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-06 | CVE-2023-4910 | Exposure of Resource to Wrong Sphere vulnerability in Redhat 3Scale API Management 2.0 A flaw was found In 3Scale Admin Portal. | 5.5 |
| 2021-06-02 | CVE-2020-14388 | Unspecified vulnerability in Redhat 3Scale API Management 2.0 A flaw was found in the Red Hat 3scale API Management Platform, where member permissions for an API's admin portal were not properly enforced. | 6.5 |
| 2021-06-01 | CVE-2021-3412 | Improper Restriction of Excessive Authentication Attempts vulnerability in Redhat 3Scale and 3Scale API Management It was found that all versions of 3Scale developer portal lacked brute force protections. | 5.0 |
| 2021-05-26 | CVE-2020-25634 | Missing Authentication for Critical Function vulnerability in Redhat 3Scale and 3Scale API Management A flaw was found in Red Hat 3scale’s API docs URL, where it is accessible without credentials. | 5.4 |
| 2021-03-18 | CVE-2019-14852 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Redhat 3Scale API Management 2.0 A flaw was found in 3scale’s APIcast gateway that enabled the TLS 1.0 protocol. | 5.0 |
| 2021-02-23 | CVE-2021-20252 | Improper Input Validation vulnerability in Redhat 3Scale API Management 2.0 A flaw was found in Red Hat 3scale API Management Platform 2. | 6.8 |