EPSS Percentile: 55.6%
Keycloak Spring Security Integration is vulnerable to replay attacks. The SAML broker consumer endpoint fails to properly validate whether the SAML assertion it receives has expired, allowing an attacker to replay an old token to obtain a valid session.
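The missing check described above is the time-window validation a SAML consumer must perform on every assertion. The following is an added illustration, not Keycloak's own code: it rejects an assertion whose `Conditions` or bearer `SubjectConfirmationData` bounds are absent or already passed, with a small clock-skew allowance. The sample assertion and timestamps are constructed for the example.

```python
# Added example (not Keycloak code): enforce the time bounds of a SAML 2.0 assertion
# before accepting it. Missing bounds are rejected rather than ignored, since an
# assertion with no expiry could be replayed indefinitely.
import xml.etree.ElementTree as ET  # for untrusted input use a hardened parser (e.g. defusedxml)
from datetime import datetime, timedelta, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

def _parse_ts(value):
    # SAML timestamps are xsd:dateTime in UTC, with or without fractional seconds
    for fmt in ("%Y-%m-%dT%H:%M:%SZ", "%Y-%m-%dT%H:%M:%S.%fZ"):
        try:
            return datetime.strptime(value, fmt).replace(tzinfo=timezone.utc)
        except ValueError:
            continue
    raise ValueError("unsupported SAML timestamp: %r" % value)

def assertion_time_valid(assertion_xml, now, skew_seconds=60):
    """Return (True, 'ok') if every time bound holds at `now`, else (False, reason)."""
    skew = timedelta(seconds=skew_seconds)
    root = ET.fromstring(assertion_xml)
    cond = root.find("saml:Conditions", NS)
    if cond is None or cond.get("NotOnOrAfter") is None:
        return False, "missing Conditions/NotOnOrAfter"
    if cond.get("NotBefore") and now + skew < _parse_ts(cond.get("NotBefore")):
        return False, "assertion not yet valid"
    if now - skew >= _parse_ts(cond.get("NotOnOrAfter")):
        return False, "assertion expired"
    # A bearer SubjectConfirmationData carries its own (usually shorter) expiry
    for scd in root.iterfind(".//saml:SubjectConfirmationData", NS):
        exp = scd.get("NotOnOrAfter")
        if exp is None:
            return False, "missing SubjectConfirmationData/NotOnOrAfter"
        if now - skew >= _parse_ts(exp):
            return False, "subject confirmation expired"
    return True, "ok"

# Constructed sample: a bearer assertion valid for a five-minute window
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_example" Version="2.0" IssueInstant="2018-11-20T10:00:00Z">
  <saml:Issuer>https://idp.example.test</saml:Issuer>
  <saml:Subject><saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
    <saml:SubjectConfirmationData NotOnOrAfter="2018-11-20T10:05:00Z"/>
  </saml:SubjectConfirmation></saml:Subject>
  <saml:Conditions NotBefore="2018-11-20T09:59:00Z" NotOnOrAfter="2018-11-20T10:05:00Z"/>
</saml:Assertion>"""

def check_at(now_iso, assertion_xml=SAMPLE):
    # Evaluate the sample at a given instant; a replayed old assertion is rejected
    return assertion_time_valid(assertion_xml, _parse_ts(now_iso))
```

A replayed assertion presented an hour after issue yields `(False, 'assertion expired')`, which is the outcome the vulnerable endpoint failed to produce.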
bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14637