CVE-2017-7512 in 3scale API Management Platform정보

요약

\~에 의해 MITRE

Red Hat 3scale (aka RH-3scale) API Management Platform (AMP) before 2.0.0 would permit creation of an access token without a client secret. An attacker could use this flaw to circumvent authentication controls and gain access to restricted APIs. NOTE: some sources have a typo in which CVE-2017-7512 maps to an OpenVPN vulnerability. The proper CVE ID for that OpenVPN vulnerability is CVE-2017-7521. Specifically, CVE-2017-7521 is the correct CVE ID for TWO closely related findings in OpenVPN. Any source that lists BOTH CVE-2017-7512 and CVE-2017-7521 for OpenVPN should have listed ONLY CVE-2017-7521.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

예약하다

2017. 04. 05.

공개

2017. 07. 07.

모더레이션

수락

항목

VDB-103351

CPE

준비됨

CWE

CWE-285 (확인됨)

CVSS

9.8 (NVD)

EPSS

0.00498

KEV

아니요

활동

매우 낮음

부문

Chemical, Pharma, ...

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-7512
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-7512
CVE Details	https://www.cvedetails.com/cve/CVE-2017-7512/

◂ 이전 개요 다음 ▸

Might our Artificial Intelligence support you?

Check our Alexa App!