CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-0456

A flaw was found in APICast, when 3Scale's OIDC module does not properly evaluate the response to a mismatched token from a separate realm. This could allow a separate realm to be accessible to an attacker, permitting access to unauthorized information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 41.8%

CVSS Severity

CVSS v3 Score 7.4

References

https://access.redhat.com/security/cve/CVE-2023-0456
https://bugzilla.redhat.com/show_bug.cgi?id=2163586
https://access.redhat.com/security/cve/CVE-2023-0456
https://bugzilla.redhat.com/show_bug.cgi?id=2163586

Products affected by CVE-2023-0456

Redhat » Apicast » Version: Any

cpe:2.3:a:redhat:apicast:*
Redhat » Apicast » Version: 2.0.0

cpe:2.3:a:redhat:apicast:2.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-0456

Products

Pricing

Contact Us