It was found that the Keycloak Node.js adapter 2.5 - 3.0 did not handle invalid tokens correctly. An attacker could use this flaw to bypass authentication and gain access to restricted information, or to possibly conduct further attacks.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2017-05-12T19:00:00
Updated: 2024-08-05T16:04:11.544Z
Reserved: 2017-04-05T00:00:00
Link: CVE-2017-7474
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-05-12T19:29:00.160
Modified: 2024-11-21T03:31:58.413
Link: CVE-2017-7474
Redhat