Lucene search

Exposure of Sensitive Information to an Unauthorized Actor in Keycloak

🗓️ 30 Apr 2019 15:21:37Reported by GitHub Advisory DatabaseType

Keycloak vulnerability in version 6.0.0

Reporter	Title	Published	Views	Family All 18
OSV	CVE-2019-3868	24 Apr 201916:29	–	osv
OSV	Exposure of Sensitive Information to an Unauthorized Actor in Keycloak	30 Apr 201915:37	–	osv
OSV	RHSA-2019:0857 Red Hat Security Advisory: Red Hat Single Sign-On 7.2.7 security update on RHEL 6	13 Sep 202414:08	–	osv
OSV	RHSA-2019:0856 Red Hat Security Advisory: Red Hat Single Sign-On 7.2.7 security update on RHEL 7	13 Sep 202414:09	–	osv
Veracode	Session Hijacking	16 May 201904:00	–	veracode
CVE	CVE-2019-3868	24 Apr 201916:29	–	cve
Tenable Nessus	RHEL 6 : Red Hat Single Sign-On 7.2.7 security update on RHEL 6 (Moderate) (RHSA-2019:0857)	24 Apr 201900:00	–	nessus
Tenable Nessus	RHEL 7 : Red Hat Single Sign-On 7.2.7 security update on RHEL 7 (Moderate) (RHSA-2019:0856)	24 Apr 201900:00	–	nessus
RedHat Linux	(RHSA-2019:0857) Moderate: Red Hat Single Sign-On 7.2.7 security update on RHEL 6	23 Apr 201917:15	–	redhat
RedHat Linux	(RHSA-2019:0868) Moderate: Red Hat Single Sign-On 7.2.7 security update	23 Apr 201917:26	–	redhat

Vulners

Node

org.keycloak keycloak\-coreRange<6.0.0

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2019-3868
access	www.access.redhat.com/errata/RHSA-2019:1140
access	www.access.redhat.com/errata/RHSA-2019:2998
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
securityfocus	www.securityfocus.com/bid/108061
github	www.github.com/advisories/GHSA-gc52-xj6p-9pxp

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

30 Apr 2019 15:37Current

4.1Medium risk

Vulners AI Score4.1

CVSS25.5

CVSS33.8

EPSS0.00192

CWE-200