Security Advisory

CVE-2021-3814

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-03-25 18:02:50

Last updated 2024-08-03 17:09:09

Assigner redhat

State PUBLISHED

Description

It was found that 3scales APIdocs does not validate the access token, in the case of invalid token, it uses session auth instead. This conceivably bypasses access controls and permits unauthorized information disclosure.

← Browse all CVEs View on cve.org ↗