A vulnerability was found that the 3scale dev portal does not employ mechanisms for protection against login CSRF. An attacker could use this flaw to access unauthorized information or conduct further attacks.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1847605 | Vendor Advisory |
Configurations
History
02 Jun 2021, 21:01
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-352 | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1847605 - Vendor Advisory | |
CPE | cpe:2.3:a:redhat:3scale:2.4:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : 6.8
v3 : 8.8 |
02 Jun 2021, 11:15
Type | Values Removed | Values Added |
---|---|---|
CWE | ||
Summary | A vulnerability was found that the 3scale dev portal does not employ mechanisms for protection against login CSRF. An attacker could use this flaw to access unauthorized information or conduct further attacks. | |
References |
|
|
26 May 2021, 12:44
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-352 |
26 May 2021, 12:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-05-26 12:15
Updated : 2024-02-04 21:47
NVD link : CVE-2019-14836
Mitre link : CVE-2019-14836
CVE.ORG link : CVE-2019-14836
JSON object : View
Products Affected
redhat
- 3scale
CWE
CWE-352
Cross-Site Request Forgery (CSRF)