Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-10199

Опубликовано: 14 авг. 2019
Источник: nvd
CVSS3: 4.6
CVSS3: 8.8
CVSS2: 6.8
EPSS Низкий

Описание

It was found that Keycloak's account console, up to 6.0.1, did not perform adequate header checks in some requests. An attacker could use this flaw to trick an authenticated user into performing operations via request from an untrusted domain.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:*
Версия до 6.0.1 (включая)

EPSS

Процентиль: 27%
0.00095
Низкий

4.6 Medium

CVSS3

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-352
CWE-352

Связанные уязвимости

redhat логотип

CVE-2019-10199

CVSS3: 4.6
redhat
больше 6 лет назад

It was found that Keycloak's account console, up to 6.0.1, did not perform adequate header checks in some requests. An attacker could use this flaw to trick an authenticated user into performing operations via request from an untrusted domain.

debian логотип

CVE-2019-10199

CVSS3: 8.8
debian
больше 6 лет назад

It was found that Keycloak's account console, up to 6.0.1, did not per ...

github логотип

GHSA-p5xp-6vpf-jwvh

CVSS3: 8.8
github
больше 6 лет назад

Improper Input Validation and Cross-Site Request Forgery in Keycloak

EPSS

Процентиль: 27%
0.00095
Низкий

4.6 Medium

CVSS3

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-352
CWE-352