Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-1698

Опубликовано: 06 мая 2020
Источник: redhat
CVSS3: 5

Описание

A flaw was found in keycloak in versions before 9.0.0. A logged exception in the HttpMethod class may leak the password given as parameter. The highest threat from this vulnerability is to data confidentiality.

A flaw was found in keycloak. A logged exception in the HttpMethod class may leak the password given as parameter. The highest threat from this vulnerability is to data confidentiality.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Decision Manager 7keycloak-coreNot affected
Red Hat Fuse 7keycloak-coreFix deferred
Red Hat Mobile Application Platform 4keycloak-coreOut of support scope
Red Hat OpenShift Application Runtimeskeycloak-coreAffected
Red Hat Process Automation 7keycloak-coreNot affected
Red Hat Single Sign-On 7rh-sso7-keycloakAffected
Red Hat support for Spring Bootkeycloak-coreAffected
Red Hat Runtimes Spring Boot 2.2.6keycloak-coreFixedRHSA-2020:225201.06.2020
Red Hat Single Sign-On 7.4.0FixedRHSA-2020:562517.12.2020
Text-Only RHOARFixedRHSA-2020:290523.07.2020

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-532
https://bugzilla.redhat.com/show_bug.cgi?id=1790292keycloak: Password leak by logged exception in HttpMethod class

5 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2020-1698

CVSS3: 5
nvd
больше 5 лет назад

A flaw was found in keycloak in versions before 9.0.0. A logged exception in the HttpMethod class may leak the password given as parameter. The highest threat from this vulnerability is to data confidentiality.

debian логотип

CVE-2020-1698

CVSS3: 5
debian
больше 5 лет назад

A flaw was found in keycloak in versions before 9.0.0. A logged except ...

github логотип

GHSA-qgmm-f2qw-r95f

CVSS3: 5.5
github
больше 3 лет назад

Keycloak leaks sensitive information in logged exceptions

5 Medium

CVSS3