CVE-2024-7341

🗓️ 09 Sep 2024 19:15:14Reported by [email protected]Type

nvd

nvd🔗 web.nvd.nist.gov👁 22 Views

Session fixation flaw in Keycloak SAML adapter

Reporter	Title	Published	Views	Family All 43
ATTACKERKB	CVE-2024-7341	9 Sep 202419:15	–	attackerkb
Chainguard	CVE-2024-7341 vulnerabilities	9 Sep 202419:15	–	cgr
Circl	CVE-2024-7341	9 Sep 202422:20	–	circl
CNNVD	Red Hat Keycloak 授权问题漏洞	9 Sep 202400:00	–	cnnvd
CVE	CVE-2024-7341	9 Sep 202418:51	–	cve
Cvelist	CVE-2024-7341 Wildfly-elytron: org.keycloak/keycloak-services: session fixation in elytron saml adapters	9 Sep 202418:51	–	cvelist
EUVD	EUVD-2024-2954	3 Oct 202520:07	–	euvd
Github Security Blog	Keycloak has session fixation in Elytron SAML adapters	14 Oct 202420:55	–	github
Github Security Blog	Duplicate Advisory: Keycloak Session Fixation vulnerability	9 Sep 202421:31	–	github
OSV	CGA-9737-QQJ4-9XJC	10 Sep 202415:05	–	osv

NVD

Node

redhat keycloakRange≤25.0.2

Node

redhat single_sign-onRange7.6–7.6.10

AND

redhat enterprise_linuxMatch7.0

OR

redhat enterprise_linuxMatch8.0

OR

redhat enterprise_linuxMatch9.0

Node

redhat build_of_keycloakRange22.0–22.0.12

OR

redhat build_of_keycloakRange24.0–24.0.7

Node

redhat single_sign-onMatch-text-only

Source	Link
access	www.access.redhat.com/errata/RHSA-2024:6502
access	www.access.redhat.com/errata/RHSA-2024:6495
github	www.github.com/advisories/GHSA-j76j-rqwj-jmvv
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
access	www.access.redhat.com/errata/RHSA-2024:6503
access	www.access.redhat.com/security/cve/CVE-2024-7341
access	www.access.redhat.com/errata/RHSA-2024:6493
access	www.access.redhat.com/errata/RHSA-2024:6500
access	www.access.redhat.com/errata/RHSA-2024:6501
access	www.access.redhat.com/errata/RHSA-2024:6494

27 Mar 2026 00:16Current

CVSS 3.17.1

EPSS0.02246

keycloak saml session fixation