Tue, 26 Nov 2024 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Tue, 05 Nov 2024 03:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:jboss_enterprise_application_platform:8.0 cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 |
|
References |
|
Tue, 01 Oct 2024 13:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV3_1
|
cvssV3_1
|
Wed, 25 Sep 2024 17:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat build Of Keycloak
Redhat openshift Container Platform Redhat openshift Container Platform For Ibm Z Redhat openshift Container Platform For Linuxone Redhat openshift Container Platform For Power Redhat single Sign-on |
|
CPEs | cpe:2.3:a:redhat:build_of_keycloak:-:*:*:*:text-only:*:*:* cpe:2.3:a:redhat:openshift_container_platform:4.11:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform:4.12:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.10:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.9:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.10:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.9:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform_for_power:4.10:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform_for_power:4.9:*:*:*:*:*:*:* cpe:2.3:a:redhat:single_sign-on:-:*:*:*:text-only:*:*:* cpe:2.3:a:redhat:single_sign-on:7.6:*:*:*:*:*:*:* |
|
Vendors & Products |
Redhat build Of Keycloak
Redhat openshift Container Platform Redhat openshift Container Platform For Ibm Z Redhat openshift Container Platform For Linuxone Redhat openshift Container Platform For Power Redhat single Sign-on |
Thu, 19 Sep 2024 20:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhosemc
|
|
CPEs | cpe:/a:redhat:red_hat_single_sign_on:7 |
cpe:/a:redhat:build_keycloak:22 cpe:/a:redhat:build_keycloak:22::el9 cpe:/a:redhat:build_keycloak:24 cpe:/a:redhat:build_keycloak:24::el9 cpe:/a:redhat:red_hat_single_sign_on:7.6 cpe:/a:redhat:red_hat_single_sign_on:7.6::el7 cpe:/a:redhat:red_hat_single_sign_on:7.6::el8 cpe:/a:redhat:red_hat_single_sign_on:7.6::el9 cpe:/a:redhat:rhosemc:1.0::el8 |
Vendors & Products |
Redhat rhosemc
|
|
References |
|
|
Thu, 19 Sep 2024 19:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
threat_severity
|
Thu, 19 Sep 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 19 Sep 2024 16:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking. | |
Title | Keycloak: vulnerable redirect uri validation results in open redirec | |
First Time appeared |
Redhat
Redhat build Keycloak Redhat jboss Enterprise Application Platform Redhat red Hat Single Sign On |
|
Weaknesses | CWE-601 | |
CPEs | cpe:/a:redhat:build_keycloak: cpe:/a:redhat:jboss_enterprise_application_platform:8 cpe:/a:redhat:red_hat_single_sign_on:7 |
|
Vendors & Products |
Redhat
Redhat build Keycloak Redhat jboss Enterprise Application Platform Redhat red Hat Single Sign On |
|
References |
| |
Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: redhat
Published: 2024-09-19T15:48:28.468Z
Updated: 2024-11-26T19:08:51.050Z
Reserved: 2024-09-16T06:45:30.550Z
Link: CVE-2024-8883
Updated: 2024-09-19T17:56:46.135Z
Status : Modified
Published: 2024-09-19T16:15:06.403
Modified: 2024-11-26T19:15:32.253
Link: CVE-2024-8883