CVE-2017-12159

Published: 26/10/2017 Updated: 09/10/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session. An attacker could use this flaw to gain access to an authenticated user session, leading to possible information disclosure or further attacks.

Vulnerable Product

redhat single_sign_on 7.0

redhat single_sign_on 7.1

keycloak keycloak -

Vendor Advisories

Synopsis: Moderate: Red Hat Single Sign-On security update. Type/Severity: Security Advisory: Moderate. Topic: Red Hat Single Sign-On 7.1.3 is now available for download from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring ...
Synopsis: Moderate: rh-sso7-keycloak security update. Type/Severity: Security Advisory: Moderate. Topic: An update for rh-sso7-keycloak is now available for Red Hat Single Sign-On 7.1 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring ...
Synopsis: Moderate: rh-sso7-keycloak security update. Type/Severity: Security Advisory: Moderate. Topic: An update for rh-sso7-keycloak is now available for Red Hat Single Sign-On 7.1 for RHEL 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring ...