Keycloak HTTP Header authentication bypass

entryeditHistoryDiffjsonxmlCTI

A vulnerability has been found in Keycloak (the affected version is unknown) and classified as critical. This vulnerability affects some unknown processing of the component HTTP Header Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1096513202/23/2021VulD...price_0day$0-$5ksee documentation02/23/2021accepted90
1096513102/23/2021VulD...cvss3_meta_tempscore5.5see documentation02/23/2021accepted90
1096513002/23/2021VulD...cvss3_meta_basescore5.5see documentation02/23/2021accepted90
1096512902/23/2021VulD...cvss3_vuldb_tempscore5.502/23/2021accepted90
1096512802/23/2021VulD...cvss3_vuldb_basescore5.502/23/2021accepted90
1096512702/23/2021VulD...cvss2_vuldb_tempscore5.202/23/2021accepted90
1096512602/23/2021VulD...cvss2_vuldb_basescore5.202/23/2021accepted90
1096512502/23/2021VulD...cvss3_vuldb_rlXderived from historical data02/23/2021accepted80
1096512402/23/2021VulD...cvss3_vuldb_eXderived from historical data02/23/2021accepted80
1096512302/23/2021VulD...cvss3_vuldb_prLderived from historical data02/23/2021accepted80
1096512202/23/2021VulD...cvss3_vuldb_avAderived from historical data02/23/2021accepted80
1096512102/23/2021VulD...cvss2_vuldb_rlNDderived from historical data02/23/2021accepted80
1096512002/23/2021VulD...cvss2_vuldb_eNDderived from historical data02/23/2021accepted80
1096511902/23/2021VulD...cvss2_vuldb_auSderived from historical data02/23/2021accepted80
1096511802/23/2021VulD...cvss2_vuldb_avAderived from historical data02/23/2021accepted80
1096511702/23/2021VulD...cvss2_vuldb_rcCderived from vuldb v3 vector02/23/2021accepted80
1096511602/23/2021VulD...cvss2_vuldb_aiPderived from vuldb v3 vector02/23/2021accepted80
1096511502/23/2021VulD...cvss2_vuldb_iiPderived from vuldb v3 vector02/23/2021accepted80
1096511402/23/2021VulD...cvss2_vuldb_ciPderived from vuldb v3 vector02/23/2021accepted80
1096511302/23/2021VulD...cvss2_vuldb_acLderived from vuldb v3 vector02/23/2021accepted80

Want to stay up to date on a daily basis?

Enable the mail alert feature now!