CVE-2022-1466
Description
Due to improper authorization, Red Hat Single Sign-On is vulnerable to users performing actions that they should not be allowed to perform. It was possible to add users to the master realm even though no respective permission was granted.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
0.158
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2022-1466 are fixed in Keycloak-core 17.0.1 | Windows |
| Vulnerabilities CVE-2022-1466 are fixed in Keycloak-core for Linux 17.0.1 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234