Account Modification Vulnerability in 3scale Developer Portal by Red Hat
CVE-2024-12125

5.4MEDIUM

Key Information:

Vendor

Red Hat
Status
Red Hat 3scale Api Management Platform 2
Vendor
CVE Published:
6 November 2025

What is CVE-2024-12125?

A vulnerability in the 3scale Developer Portal allows attackers to manipulate account creation or updates via hidden or read-only fields. This manipulation can enable unauthorized access to restricted information, potentially compromising sensitive data and application integrity. Organizations utilizing the portal should assess their current security measures and apply necessary updates to mitigate this risk.

References

https://access.redhat.com/security/cve/CVE-2024-12125
vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2330214
issue-trackingx_refsource_REDHAT

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2024-12125 : Account Modification Vulnerability in 3scale Developer Portal by Red Hat