Published: 15/12/2020 Updated: 18/12/2020

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 4.9 | Impact Score: 3.6 | Exploitability Score: 1.2

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N

A flaw was found in Keycloak prior to 13.0.0 where an external identity provider, after successful authentication, redirects to a Keycloak endpoint that accepts multiple invocations with the use of the same "state" parameter. This flaw allows a malicious user to perform replay attacks.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat keycloak

A flaw was found in Keycloak before 1300 where an external identity provider, after successful authentication, redirects to a Keycloak endpoint that accepts multiple invocations with the use of the same "state" parameter This flaw allows a malicious user to perform replay attacks ...

Multiple vulnerabilities have been found in Hitachi Ops Center Common Services CVE-2020-1695, CVE-2020-1723, CVE-2020-1725, CVE-2020-10770, CVE-2020-14302, CVE-2020-15522, CVE-2020-25711, CVE-2020-27838, CVE-2020-28052, CVE-2020-28491, CVE-2021-3424, CVE-2021-3712, CVE-2021-20195, CVE-2021-20202, CVE-2021-20222, CVE-2021-20262, CVE-2021-21290, C ...

CWE-294 https://bugzilla.redhat.com/show_bug.cgi?id=1849584 https://nvd.nist.gov https://security.archlinux.org/CVE-2020-14302 https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2021-134/index.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-14302

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect