3scale API Management 2 does not perform adequate sanitation for user input in multiple fields. An authenticated user could use this flaw to inject scripts and possibly gain access to sensitive information or conduct further attacks.
References
Link | Resource |
---|---|
https://access.redhat.com/security/cve/CVE-2022-1414 | Vendor Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=2076794 | Issue Tracking Vendor Advisory |
Configurations
History
21 Oct 2022, 16:59
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2076794 - Issue Tracking, Vendor Advisory | |
References | (MISC) https://access.redhat.com/security/cve/CVE-2022-1414 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
First Time |
Redhat
Redhat 3scale Api Management |
|
CPE | cpe:2.3:a:redhat:3scale_api_management:2.0:*:*:*:*:*:*:* | |
CWE | CWE-20 |
19 Oct 2022, 18:24
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-10-19 18:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-1414
Mitre link : CVE-2022-1414
CVE.ORG link : CVE-2022-1414
JSON object : View
Products Affected
redhat
- 3scale_api_management