A flaw was found in APICast, when 3Scale's OIDC module does not properly evaluate the response to a mismatched token from a separate realm. This could allow a separate realm to be accessible to an attacker, permitting access to unauthorized information.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2023-09-27T13:39:37.294Z
Updated: 2024-08-02T05:10:56.184Z
Reserved: 2023-01-24T03:32:34.344Z
Link: CVE-2023-0456
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-09-27T15:16:03.167
Modified: 2023-11-07T04:00:31.090
Link: CVE-2023-0456
Redhat