2.1
CVSSv2

CVE-2020-10734

Published: 11/02/2021 Updated: 26/02/2021
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 3.3 | Impact Score: 1.4 | Exploitability Score: 1.8
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

A vulnerability was found in keycloak in the way that the OIDC logout endpoint does not have CSRF protection. Versions shipped with Red Hat Fuse 7, Red Hat Single Sign-on 7, and Red Hat Openshift Application Runtimes are believed to be vulnerable.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

redhat keycloak -

redhat jboss fuse 7.0.0

redhat openshift application runtimes -

redhat single sign-on 7.0

Vendor Advisories

A vulnerability was found in keycloak in the way that the OIDC logout endpoint does not have cross-site request forgery (CSRF) protection ...