← voltar
CVE-2021-20252

CVE-2021-20252

EPSS 1.0%CWE-20
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 1.0%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
23 fev 2021Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A flaw was found in Red Hat 3scale API Management Platform 2. The 3scale backend does not perform preventive handling on user-requested date ranges in certain queries allowing a malicious authenticated user to submit a request with a sufficiently large date range to eventually yield an internal server error resulting in denial of service. The highest threat from this vulnerability is to system availability.
Produtos afetados
n/a · 3scale/backend