Keycloak Vulnerabilities

Version

2.0: 5
2.1: 5
2.2: 5
2.3: 5
7.x: 5

Remediation

Official Fix: 59
Temporary Fix: 0
Workaround: 0
Unavailable: 0
Not Defined: 51

Exploitability

High: 0
Functional: 1
Proof-of-Concept: 2
Unproven: 0
Not Defined: 107

Access Vector

Not Defined: 0
Physical: 1
Local: 4
Adjacent: 30
Network: 75

Authentication

Not Defined: 0
High: 7
Low: 63
None: 40

User Interaction

Not Defined: 0
Required: 33
None: 77

| Score | CVSSv3 Base | CVSSv3 Temp | VulDB | NVD | CNA | Vendor | Research |
|---|---|---|---|---|---|---|---|
| ≤1 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| ≤2 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| ≤3 | 0 | 1 | 5 | 1 | 0 | 0 | 0 |
| ≤4 | 17 | 18 | 25 | 2 | 2 | 0 | 0 |
| ≤5 | 21 | 20 | 29 | 11 | 8 | 0 | 0 |
| ≤6 | 33 | 34 | 28 | 13 | 2 | 0 | 0 |
| ≤7 | 25 | 27 | 11 | 18 | 6 | 0 | 0 |
| ≤8 | 10 | 6 | 10 | 13 | 4 | 0 | 0 |
| ≤9 | 4 | 4 | 2 | 10 | 2 | 0 | 0 |
| ≤10 | 0 | 0 | 0 | 7 | 4 | 0 | 0 |

| Exploit price | Exploit 0-day | Exploit Today |
|---|---|---|
| <1k | 23 | 103 |
| <2k | 72 | 5 |
| <5k | 8 | 0 |
| <10k | 4 | 2 |
| <25k | 3 | 0 |
| <50k | 0 | 0 |
| <100k | 0 | 0 |
| ≥100k | 0 | 0 |

Affected Versions (62): 0.1, 0.2, 0.3, 0.4, 0.5, 0.6, 0.7, 0.8, 1, 1.0.1, 1.0.2, 1.0.3, 2, 2.0, 2.1, 2.2, 2.3, 2.4, 2.5, 2.5.1, 2.5.2, 2.5.3, 2.5.4, 3.0, 3.2.1.Final, 3.4, 3.4.1, 3.4.3.Final, 4.0, 4.0.0.Beta2, 4.2.1.Final, 4.3.0.Final, 4.8, 4.8.1, 4.8.2, 6, 6.0, 6.0.1, 6.0.2, 7.0, 7.0.1, 8, 8.0, 8.0.1, 8.0.2, 9, 9.0, 9.0.1, 10.0, 10.0.1, 11.0, 11.0.3, 12, 12.0, 12.0.1, 13.0, 15.0, 15.1, 20.0, 20.0.1, 20.0.2, 22.0.5

Link to Product Website: https://www.redhat.com/

Software Type: Application Server Software

| Published | Base | Temp | Vulnerability | 0-day | Today | Exploitability | Remediation | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 25/04/2024 | 5.4 | 5.4 | Red Hat Keycloak dbProperties information disclosure | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.43 | CVE-2024-1102 |
| 17/04/2024 | 5.7 | 5.7 | Keycloak redirect_uri Redirect | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | CVE-2024-2419 |
| 16/04/2024 | 3.5 | 3.5 | Keycloak SAML cross site scripting | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.10 | CVE-2023-6717 |
| 16/04/2024 | 3.5 | 3.5 | Keycloak checkLoginIframe privilege escalation | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.14 | CVE-2024-1249 |
| 16/04/2024 | 3.5 | 3.5 | Keycloak URL Redirect | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.14 | CVE-2024-1132 |
| 16/04/2024 | 3.5 | 3.5 | Keycloak Client Registration privilege escalation | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | CVE-2023-6544 |
| 16/04/2024 | 5.5 | 5.5 | Keycloak Token Type Privilege Escalation | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | CVE-2023-0657 |
| 16/04/2024 | 6.3 | 6.3 | Keycloak Client Step-Up Authentication weak authentication | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2023-3597 |
| 21/02/2024 | 3.6 | 3.4 | Keycloak Account Lockout denial of service | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | CVE-2024-1722 |
| 21/02/2024 | 5.5 | 5.5 | Keycloak weak authentication | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.19 | CVE-2023-6787 |
| 18/12/2023 | 4.7 | 4.7 | Red Hat Keycloak JARM Response Redirect | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | CVE-2023-6927 |
| 15/12/2023 | 4.3 | 4.1 | JBoss KeyCloak lowerCaseHostname Redirect | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | CVE-2023-6291 |
| 15/12/2023 | 7.1 | 6.9 | Red Hat keycloak/Single Sign-On/Middleware Container/ Admin User Interface denial of service | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2023-6563 |
| 12/12/2023 | 4.5 | 4.5 | JBoss KeyCloak Incomplete Fix CVE-2020-10748 cross site scripting | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | CVE-2023-6134 |
| 04/12/2023 | 4.3 | 4.3 | JBoss KeyCloak WebAuthn privilege escalation | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | CVE-2023-6484 |
| 30/11/2023 | 5.5 | 5.3 | Keycloak Login privilege escalation | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2022-2232 |
| 13/09/2023 | 6.5 | 6.5 | Keycloak User Registration weak encryption | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2023-4918 |
| 28/06/2023 | 6.5 | 6.5 | Keycloak URL Scheme cross site scripting | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2022-4361 |
| 27/06/2023 | 5.5 | 5.5 | Keycloak Device privilege escalation | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | CVE-2023-2585 |
| 27/06/2023 | 4.6 | 4.6 | Keycloak mTLS Authentication weak authentication | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2023-2422 |
| 23/05/2023 | 5.7 | 5.7 | keycloak weak authentication | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2023-1664 |
| 28/04/2023 | 7.7 | 7.6 | HYPR Keycloak Authenticator Extension weak authentication | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2023-1477 |
| 03/03/2023 | 4.9 | 4.7 | keycloak-connect Node.js Adapter Redirect | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2022-2237 |
| 03/03/2023 | 5.5 | 5.3 | Keycloak weak authentication | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2023-0264 |
| 01/03/2023 | 3.5 | 3.4 | Keycloak OpenID Connect Login Service cross site scripting | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2022-4137 |

85 more entries are not shown
