CVE-2022-1466

Summary

Due to improper authorization, Red Hat Single Sign-On is vulnerable to users performing actions that they should not be allowed to perform. It was possible to add users to the master realm even though no respective permission was granted.

Affected Software

VendorProductVersion RangeStatus
n/arhssorhsso 7.5.0.GAaffected

Weaknesses

  • CWE-863: CWE-863

ADP Enrichment

CVE Program Container

Additional References

References