CVE-2017-7474
N/A
N/A
Summary
It was found that the Keycloak Node.js adapter 2.5 - 3.0 did not handle invalid tokens correctly. An attacker could use this flaw to bypass authentication and gain access to restricted information, or to possibly conduct further attacks.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Red Hat, Inc. | Keycloak Node.js adapter | 2.5 - 3.0 | affected |
Weaknesses
- CWE-253: CWE-253
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.