Vulnerability in Redhat 3scale_api_management
CVE-2020-14388
A flaw was found in the Red Hat 3scale API Management Platform, where member permissions for an API's admin portal were not properly enforced. This flaw allows an authenticated user to bypass normal account restrictions and access API serv…
EPSS: 0.006 (43.9th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L.
Affected products
- Redhat 3scale_api_management — versions 2.0
- N/a Red Hat 3scale Api Management — versions Red Hat 3scale API Management 2.10.0
Weakness classification (CWE)
References
- secalert@redhat.com (x_refsource_MISC, Issue Tracking, Vendor Advisory)
Frequently asked questions
- What is CVE-2020-14388?
- CVE-2020-14388 is a medium-severity vulnerability in Redhat 3scale_api_management, classified under Improper Access Control. CVSS score: 6.3/10. Published 2021-06-02.
- How severe is CVE-2020-14388?
- Medium severity. CVSS v3 base score is 6.3 out of 10.