What is CVE-2019-14852?

CVE-2019-14852 is a high-severity vulnerability in Redhat 3scale_api_management, classified under Use of a Broken or Risky Cryptographic Algorithm. CVSS score: 7.5/10. Published 2021-03-18.

How severe is CVE-2019-14852?

High severity. CVSS v3 base score is 7.5 out of 10.

Vulnerability in Redhat 3scale_api_management

CVE-2019-14852

A flaw was found in 3scale’s APIcast gateway that enabled the TLS 1.0 protocol. An attacker could target traffic using this weaker protocol and break its encryption, gaining access to unauthorized information. Version shipped in Red Hat 3s…

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.004 (34.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.

Affected products

Redhat 3scale_api_management — versions 2.0
N/a Apicast — versions As shipped with Red Hat 3scale API Management Platform

Weakness classification (CWE)

CWE-327 — Use of a Broken or Risky Cryptographic Algorithm

References

secalert@redhat.com (Third Party Advisory, x_refsource_MISC, Issue Tracking)

Frequently asked questions

What is CVE-2019-14852?: CVE-2019-14852 is a high-severity vulnerability in Redhat 3scale_api_management, classified under Use of a Broken or Risky Cryptographic Algorithm. CVSS score: 7.5/10. Published 2021-03-18.
How severe is CVE-2019-14852?: High severity. CVSS v3 base score is 7.5 out of 10.