CVE-2020-1731

Summary

A flaw was found in all versions of the Keycloak operator, before version 8.0.2,(community only) where the operator generates a random admin password when installing Keycloak, however the password remains the same when deployed to the same OpenShift namespace.

Affected Software

VendorProductVersion RangeStatus
Red Hatkeycloakall versions of keycloak operator before keycloak operator 8.0.2affected

Weaknesses

  • CWE-341: CWE-341

ADP Enrichment

CVE Program Container

Additional References

References