3scale API Management 2 does not perform adequate sanitation for user input in multiple fields. An authenticated user could use this flaw to inject scripts and possibly gain access to sensitive information or conduct further attacks.
References
Link | Resource |
---|---|
https://access.redhat.com/security/cve/CVE-2022-1414 | Vendor Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=2076794 | Issue Tracking Vendor Advisory |
Configurations
History
21 Oct 2022, 16:59
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://access.redhat.com/security/cve/CVE-2022-1414 - Vendor Advisory | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2076794 - Issue Tracking, Vendor Advisory | |
CWE | CWE-20 | |
CPE | cpe:2.3:a:redhat:3scale_api_management:2.0:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
19 Oct 2022, 18:24
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-10-19 18:15
Updated : 2024-02-04 22:51
NVD link : CVE-2022-1414
Mitre link : CVE-2022-1414
CVE.ORG link : CVE-2022-1414
JSON object : View
Products Affected
redhat
- 3scale_api_management