PT-2022-10450 · 3Scale · 3Scale Apicast
Chess Hazlett · Published 2022-04-27 · Updated 2022-05-06
CVE-2021-3523
| CVSS v3.1 | 7.5 (High) |
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
3Scale APICast versions prior to 2.11.0
Description
A flaw in 3Scale APICast allows an attacker to bypass security restrictions for an API request when hosting multiple APIs on the same IP address. This occurs because the software incorrectly identifies connections for reuse.
Recommendations
For versions prior to 2.11.0, update to version 2.11.0 or later to resolve the issue. As a temporary workaround, restrict API requests so that hosting multiple APIs on the same IP address cannot be used to bypass security restrictions.
Fix
Update to 3Scale APICast 2.11.0 or later (see Recommendations).
Weakness Enumeration
Improper Preservation of Permissions
Related Identifiers
CVE-2021-3523
Affected Products
3Scale Apicast