Количество 4
Количество 4
CVE-2020-27826
A flaw was found in Keycloak before version 12.0.0 where it is possible to update the user's metadata attributes using Account REST API. This flaw allows an attacker to change its own NameID attribute to impersonate the admin user for any particular application.
CVE-2020-27826
A flaw was found in Keycloak before version 12.0.0 where it is possible to update the user's metadata attributes using Account REST API. This flaw allows an attacker to change its own NameID attribute to impersonate the admin user for any particular application.
CVE-2020-27826
A flaw was found in Keycloak before version 12.0.0 where it is possibl ...
GHSA-m9cj-v55f-8x26
Authentication Bypass in keycloak
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-27826 A flaw was found in Keycloak before version 12.0.0 where it is possible to update the user's metadata attributes using Account REST API. This flaw allows an attacker to change its own NameID attribute to impersonate the admin user for any particular application. | CVSS3: 4.2 | 0% Низкий | около 5 лет назад |
 | CVE-2020-27826 A flaw was found in Keycloak before version 12.0.0 where it is possible to update the user's metadata attributes using Account REST API. This flaw allows an attacker to change its own NameID attribute to impersonate the admin user for any particular application. | CVSS3: 4.2 | 0% Низкий | больше 4 лет назад |
| CVE-2020-27826 A flaw was found in Keycloak before version 12.0.0 where it is possibl ... | CVSS3: 4.2 | 0% Низкий | больше 4 лет назад |
| GHSA-m9cj-v55f-8x26 Authentication Bypass in keycloak | CVSS3: 8.8 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу