Lucene search
K

9 matches found

RedHat Linux
RedHat Linux
added 2023/10/05 10:37 p.m.4 views

keycloak: Untrusted Certificate Validation

A flaw was found in Keycloak. This flaw depends on a non-default configuration "Revalidate Client Certificate" to be enabled and the reverse proxy is not validating the certificate before Keycloak. Using this method an attacker may choose the certificate which will be validated by the server. If...

6.5CVSS5.7AI score0.00425EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/06/27 7:2 p.m.5 views

keycloak: Untrusted Certificate Validation

A flaw was found in Keycloak. This flaw depends on a non-default configuration "Revalidate Client Certificate" to be enabled and the reverse proxy is not validating the certificate before Keycloak. Using this method an attacker may choose the certificate which will be validated by the server. If...

6.5CVSS5.7AI score0.00425EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/06/27 6:53 p.m.4 views

keycloak: Untrusted Certificate Validation

A flaw was found in Keycloak. This flaw depends on a non-default configuration "Revalidate Client Certificate" to be enabled and the reverse proxy is not validating the certificate before Keycloak. Using this method an attacker may choose the certificate which will be validated by the server. If...

6.5CVSS5.7AI score0.00425EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/06/27 6:52 p.m.4 views

keycloak: Untrusted Certificate Validation

A flaw was found in Keycloak. This flaw depends on a non-default configuration "Revalidate Client Certificate" to be enabled and the reverse proxy is not validating the certificate before Keycloak. Using this method an attacker may choose the certificate which will be validated by the server. If...

6.5CVSS5.7AI score0.00425EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/05/30 2:23 a.m.1 views

SUSE CVE-2023-1664

A flaw was found in Keycloak. This flaw depends on a non-default configuration "Revalidate Client Certificate" to be enabled and the reverse proxy is not validating the certificate before Keycloak. Using this method an attacker may choose the certificate which will be validated by the server. If...

6.5CVSS6.4AI score0.00425EPSS
Exploits0References3
OSV
OSV
added 2023/05/26 6:30 p.m.2 views

GHSA-C892-CWQ6-QRQF Duplicate Advisory: Keycloak vulnerable to untrusted certificate validation

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-5cc8-pgp5-7mpm. This link is maintained to preserve external references. Original Advisory A flaw was found in Keycloak. This flaw depends on a non-default configuration "Revalidate Client Certificate" to be...

6.5CVSS5.7AI score0.00425EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2023/05/26 6:15 p.m.3 views

CVE-2023-1664

A flaw was found in Keycloak. This flaw depends on a non-default configuration "Revalidate Client Certificate" to be enabled and the reverse proxy is not validating the certificate before Keycloak. Using this method an attacker may choose the certificate which will be validated by the server. If...

6.5CVSS5.8AI score0.00425EPSS
Exploits0References2
Prion
Prion
added 2023/05/26 6:15 p.m.29 views

Default configuration

A flaw was found in Keycloak. This flaw depends on a non-default configuration "Revalidate Client Certificate" to be enabled and the reverse proxy is not validating the certificate before Keycloak. Using this method an attacker may choose the certificate which will be validated by the server. If...

6.4CVSS6.7AI score0.00425EPSS
Exploits0References1Affected Software2
RedhatCVE
RedhatCVE
added 2023/03/27 9:34 p.m.80 views

CVE-2023-1664

A flaw was found in Keycloak. This flaw depends on a non-default configuration "Revalidate Client Certificate" to be enabled and the reverse proxy is not validating the certificate before Keycloak. Using this method an attacker may choose the certificate which will be validated by the server. If...

6.5CVSS6.8AI score0.00425EPSS
Exploits0References4
Rows per page
Query Builder