CVE-2021-20252 – A flaw was found in Red Hat 3scale API Management Platform 2. The 3scale backend does not …

Vuln ID: CVE-2021-20252

Published:  2021-02-23  23:15:13Z

Description: A flaw was found in Red Hat 3scale API Management Platform 2. The 3scale backend does not perform preventive handling on user-requested date ranges in certain queries allowing a malicious authenticated user to submit a request with a sufficiently large date range to eventually yield an internal server error resulting in denial of service. The highest threat from this vulnerability is to system availability.

Source: NVD.NIST.GOV