PT-2025-45387 · Red Hat · 3Scale Developer Portal

Published

2025-11-06

Updated

2025-11-14

CVE-2024-12125

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions 3scale Developer Portal (affected versions not specified)

Description A flaw exists in the 3scale developer portal that could allow account creation or updates through hidden or read-only fields. This allows an attacker to potentially access or modify restricted information. The issue involves manipulating field permissions during account operations.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Preservation of Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-281

Related Identifiers

CVE-2024-12125

Affected Products

3Scale Developer Portal

PT-2025-45387 · Red Hat · 3Scale Developer Portal

CVE-2024-12125

Weakness Enumeration

Related Identifiers

Affected Products

References · 6