Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2023/12/15 12:0 a.m.39 views

RHEL 9 : Red Hat Single Sign-On 7.6.6 security update on RHEL 9 (Important) (RHSA-2023:7855)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7855 advisory. Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...

7.7CVSS6.3AI score0.01239EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2023/12/15 12:0 a.m.72 views

RHEL 7 : Red Hat Single Sign-On 7.6.6 security update on RHEL 7 (Important) (RHSA-2023:7854)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7854 advisory. Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...

7.7CVSS6.3AI score0.01239EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2023/12/15 12:0 a.m.48 views

RHEL 8 : Red Hat Single Sign-On 7.6.6 security update on RHEL 8 (Important) (RHSA-2023:7856)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7856 advisory. Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...

7.7CVSS6.3AI score0.01239EPSS
Exploits2References8
RedHat Linux
RedHat Linux
added 2023/12/14 7:53 p.m.39 views

Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.6 for OpenShift image enhancement and security update

A new image is available for Red Hat Single Sign-On 7.6.6, running on OpenShift Container Platform 3.10 and 3.11, and 4.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...

7.7CVSS6.6AI score0.01239EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2023/12/14 7:1 p.m.46 views

Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.6 security update on RHEL 8

New Red Hat Single Sign-On 7.6.6 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.7CVSS6.6AI score0.01239EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2023/12/14 7:0 p.m.33 views

Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.6 security update on RHEL 9

New Red Hat Single Sign-On 7.6.6 packages are now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.7CVSS6.6AI score0.01239EPSS
Exploits2References4
NVD
NVD
added 2023/12/14 6:15 p.m.33 views

CVE-2023-6563

An unconstrained memory consumption vulnerability was discovered in Keycloak. It can be triggered in environments which have millions of offline tokens 500,000 users with each having at least 2 saved sessions. If an attacker creates two or more user sessions and then open the "consents" tab of th...

7.7CVSS0.01239EPSS
Exploits1References8
OSV
OSV
added 2023/12/14 6:15 p.m.40 views

CVE-2023-6563

An unconstrained memory consumption vulnerability was discovered in Keycloak. It can be triggered in environments which have millions of offline tokens 500,000 users with each having at least 2 saved sessions. If an attacker creates two or more user sessions and then open the "consents" tab of th...

7.7CVSS7.4AI score0.01239EPSS
Exploits1References8
CVE
CVE
added 2023/12/14 6:1 p.m.191 views

CVE-2023-6563

CVE-2023-6563 is an offline-session DoS vulnerability in Keycloak/Red Hat SSO. Exploitation arises when an attacker triggers the admin UI by opening the consents tab after creating multiple user sessions, causing massive offline session load and resource exhaustion. The issue is acknowledged in R...

7.7CVSS7.3AI score0.01239EPSS
Exploits1References8Affected Software1
Rows per page
Query Builder