Lucene search
+L

8 matches found

OSV
OSV
added 2020/05/15 7:15 p.m.30 views

CVE-2020-1758

A flaw was found in Keycloak in versions before 10.0.0, where it does not perform the TLS hostname verification while sending emails using the SMTP server. This flaw allows an attacker to perform a man-in-the-middle MITM attack...

5.9CVSS6.3AI score0.00905EPSS
Exploits0References2
CVE
CVE
added 2020/05/15 6:52 p.m.198 views

CVE-2020-1758

CVE-2020-1758 affects Keycloak versions before 10.0.0. The issue is that TLS hostname verification is not performed when Keycloak sends emails via an SMTP server, which can allow a man‑in‑the‑middle (MITM) attack. The connected sources consistently describe this flaw and its mitigation; there are...

5.9CVSS5.2AI score0.00905EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2020/05/12 4:43 p.m.69 views

Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.3.8 security update on RHEL 8

New Red Hat Single Sign-On 7.3.8 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS6.6AI score0.01004EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2020/05/12 4:43 p.m.56 views

Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.3.8 security update on RHEL 6

New Red Hat Single Sign-On 7.3.8 packages are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS6.6AI score0.01004EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2020/05/12 4:42 p.m.79 views

Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.3.8 security update on RHEL 7

New Red Hat Single Sign-On 7.3.8 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS6.6AI score0.01004EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2020/05/12 3:10 p.m.35 views

CVE-2020-1758

A flaw was found in Keycloak, where it does not perform the TLS hostname verification while sending emails using the SMTP server. This flaw allows an attacker to perform a man-in-the-middle MITM attack. Mitigation Turn off all kinds of email notifications including password reset mails...

4.3CVSS1.7AI score0.00905EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/05/12 12:0 a.m.39 views

RHEL 6 : Red Hat Single Sign-On 7.3.8 security update on RHEL 6 (Important) (RHSA-2020:2106)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2106 advisory. Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...

8.8CVSS6.6AI score0.01004EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2020/05/12 12:0 a.m.47 views

RHEL 8 : Red Hat Single Sign-On 7.3.8 security update on RHEL 8 (Important) (RHSA-2020:2108)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2108 advisory. Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...

8.8CVSS6.6AI score0.01004EPSS
Exploits0References10
Rows per page
Query Builder