Security Advisory

CVE-2024-9671

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-09 14:32:10

Last updated 2026-03-20 10:41:56

Assigner redhat

State PUBLISHED

Description

A vulnerability was found in 3Scale. There is no auth mechanism to see a PDF invoice of a Developer user if the URL is known. Anyone can see the invoice if the URL is known or guessed.

← Browse all CVEs View on cve.org ↗