CVE-2022-1414

Summary

3scale API Management 2 does not perform adequate sanitation for user input in multiple fields. An authenticated user could use this flaw to inject scripts and possibly gain access to sensitive information or conduct further attacks.

Affected Software

VendorProductVersion RangeStatus
n/a3scale-amp-system3scale-amp-system as shipped in 3scale-AMP 2affected

Weaknesses

  • CWE-1173: CWE-1173

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References