A vulnerability was found that the 3scale dev portal does not employ mechanisms for protection against login CSRF. An attacker could use this flaw to access unauthorized information or conduct further attacks.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1847605 | Vendor Advisory |
Configurations
History
12 Feb 2023, 23:35
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | A vulnerability was found that the 3scale dev portal does not employ mechanisms for protection against login CSRF. An attacker could use this flaw to access unauthorized information or conduct further attacks. |
02 Feb 2023, 16:19
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | It was found that the 3scale dev portal does not employ mechanisms for protection against login CSRF. An attacker could use this flaw to access unauthorized information or conduct further attacks. |
02 Jun 2021, 21:01
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:redhat:3scale:2.4:*:*:*:*:*:*:* | |
CWE | CWE-352 | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1847605 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 6.8
v3 : 8.8 |
02 Jun 2021, 11:15
Type | Values Removed | Values Added |
---|---|---|
CWE | ||
References |
|
|
Summary | A vulnerability was found that the 3scale dev portal does not employ mechanisms for protection against login CSRF. An attacker could use this flaw to access unauthorized information or conduct further attacks. |
26 May 2021, 12:44
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-352 |
26 May 2021, 12:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-05-26 12:15
Updated : 2023-12-10 13:55
NVD link : CVE-2019-14836
Mitre link : CVE-2019-14836
CVE.ORG link : CVE-2019-14836
JSON object : View
Products Affected
redhat
- 3scale
CWE
CWE-352
Cross-Site Request Forgery (CSRF)