How severe is CVE-2019-14909?

CVE-2019-14909 has a CVSS v3 score of 8.3 (HIGH).

CVE-2019-14909

Name: keycloak
Author: redhat

8.3HIGH

A vulnerability was found in Keycloak 7.x where the user federation LDAP bind type is none (LDAP anonymous bind), any password, invalid or valid will be accepted.

公開日: 12/4/2019更新日: 11/21/2024

説明

A vulnerability was found in Keycloak 7.x where the user federation LDAP bind type is none (LDAP anonymous bind), any password, invalid or valid will be accepted.

AI分析AIによる分析

影響を受ける製品

redhatkeycloak

7.0.0

redhatkeycloak

7.0.1

参照

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14909
Issue TrackingThird Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14909
Issue TrackingThird Party Advisory