Lucene search
GoogleOSV:GHSA-7FMW-85QM-H22PHistoryMay 13, 2022 - 1:38 a.m.
Keycloak CSRF Vulnerability
2022-05-1301:38:14
Google
osv.dev
13
keycloak
csrf
vulnerability
non-unique
cookie
attacker
access
information disclosure
attacks
It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session. An attacker could use this flaw to gain access to an authenticated user session, leading to possible information disclosure or further attacks.
Related
prion
prion
Information disclosure
2017-10-26 17:29:00
redhatcve
redhatcve
CVE-2017-12159
2019-10-06 20:47:35
github
github
Keycloak CSRF Vulnerability
2022-05-13 01:38:14
cvelist
cvelist
CVE-2017-12159
2017-10-17 00:00:00
nvd
nvd
CVE-2017-12159
2017-10-26 17:29:00
veracode
veracode
Cross-site Request Forgery (CSRF)
2017-10-27 02:09:32
osv
osv
CGA-mrv4-ccrx-m6pr
2024-06-06 12:28:34
cve
cve
CVE-2017-12159
2017-10-26 17:29:00
nessus
nessus
RHEL 6 : rh-sso7-keycloak (RHSA-2017:2904)
2017-10-19 00:00:00
RHEL 7 : rh-sso7-keycloak (RHSA-2017:2905)
2017-10-19 00:00:00
redhat
redhat
(RHSA-2017:2904) Moderate: rh-sso7-keycloak security update
2017-10-17 19:40:36
(RHSA-2017:2906) Moderate: Red Hat Single Sign-On security update
2017-10-17 19:41:35
(RHSA-2017:2905) Moderate: rh-sso7-keycloak security update
2017-10-17 19:40:56