High Published: Nov 06, 2025 Modified: Nov 14, 2025

CVE-2024-12125

7.5 CVSS SCORE

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Description

A flaw was found in the 3scale Developer Portal. When creating or updating an account in the Developer Portal UI it is possible to modify fields explicitly configured as read-only or hidden, allowing an attacker to modify restricted information.

CVSS Vector Details

Attack Vector Network

Attack Complexity Low

Privileges Required None

User Interaction None

Scope Unchanged

Confidentiality None

Integrity High

Availability None

Weaknesses (CWE)

CWE-281

References & External Links

https://access.redhat.com/security/cve/CVE-2024-12125
https://bugzilla.redhat.com/show_bug.cgi?id=2330214

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

← Back to CVE Tracker