History: Feb 23, 2021 - 10:24 p.m.

CVE-2021-20252

2021-02-23 22:24:50
CWE-20
redhat
www.cve.org
4
red hat 3scale
api management platform
dos attack
date range manipulation
system availability
vulnerability

EPSS

0.001

Percentile

27.0%

A flaw was found in Red Hat 3scale API Management Platform 2. The 3scale backend does not perform preventive handling on user-requested date ranges in certain queries, allowing a malicious authenticated user to submit a request with a sufficiently large date range that eventually yields an internal server error, resulting in denial of service. The highest threat from this vulnerability is to system availability.

CNA Affected

[
  {
    "product": "3scale/backend",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "As shipped by Red Hat 3scale API Management Platform 2"
      }
    ]
  }
]
