AI Score
Confidence
High
EPSS
Percentile
56.9%
It was found that the Keycloak Node.js adapter 2.5 - 3.0 did not handle invalid tokens correctly. An attacker could use this flaw to bypass authentication and gain access to restricted information, or to possibly conduct further attacks.
rhn.redhat.com/errata/RHSA-2017-1203.html
bugzilla.redhat.com/show_bug.cgi?id=1445271
nvd.nist.gov/vuln/detail/CVE-2017-7474