GHSA-5jfq-x6xp-7rw2

Published: 30 Apr 2025
Source: github
Github: Reviewed
CVSS3: 5.4

Description

Keycloak vulnerable to two factor authentication bypass

Description

A flaw was found in Keycloak. The org.keycloak.authorization package may be vulnerable to circumventing required actions, allowing users to circumvent requirements such as setting up two-factor authentication.

Packages

Name: org.keycloak:keycloak-services (maven)
Affected versions: < 26.2.2
Fixed version: 26.2.2

EPSS

Percentile: 4%
0.00022
Low

5.4 Medium

CVSS3

Weaknesses

CWE-287

Related vulnerabilities

CVSS3: 5.4
redhat
4 months ago

A flaw was found in Keycloak. The org.keycloak.authorization package may be vulnerable to circumventing required actions, allowing users to circumvent requirements such as setting up two-factor authentication.

CVSS3: 5.4
nvd
4 months ago

A flaw was found in Keycloak. The org.keycloak.authorization package may be vulnerable to circumventing required actions, allowing users to circumvent requirements such as setting up two-factor authentication.

CVSS3: 5.4
debian
4 months ago

A flaw was found in Keycloak. The org.keycloak.authorization package m ...
