Описание
A vulnerability has been identified in Keycloak that could lead to unauthorized information disclosure. While it requires an already authenticated user, the /admin/serverinfo endpoint can inadvertently provide sensitive environment information.
Ссылки
- Vendor Advisory
- Issue TrackingVendor Advisory
Уязвимые конфигурации
EPSS
2.7 Low
CVSS3
Дефекты
Связанные уязвимости
A vulnerability has been identified in Keycloak that could lead to unauthorized information disclosure. While it requires an already authenticated user, the /admin/serverinfo endpoint can inadvertently provide sensitive environment information.
A vulnerability has been identified in Keycloak that could lead to una ...
A vulnerability has been identified in Keycloak that could lead to unauthorized information disclosure. While it requires an already authenticated user, the /admin/serverinfo endpoint can inadvertently provide sensitive environment information.
EPSS
2.7 Low
CVSS3