Lucene search

K

Veracode Vulnerability DatabaseVERACODE:28646

HistoryDec 19, 2020 - 5:51 a.m.

Privilege Escalation

2020-12-1905:51:29

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

9

keycloak

privilege escalation

account rest api

user metadata

EPSS

0.001

Percentile

22.7%

keycloak is vulnerable to privilege escalation. The Account REST API can update user metadata attributes.

References

access.redhat.com/errata/RHSA-2020:5526

access.redhat.com/security/updates/classification/#low

bugzilla.redhat.com/show_bug.cgi?id=1905089

EPSS

0.001

Percentile

22.7%

Related for VERACODE:28646

redhat4 osv2 github1 nessus3 redhatcve1 prion1 cvelist1 cve1 nvd1