How severe is CVE-2019-14909?

CVE-2019-14909 has a CVSS v3 score of 8.3 (HIGH).

CVE-2019-14909

Name: keycloak
Author: redhat

8.3HIGH

A vulnerability was found in Keycloak 7.x where the user federation LDAP bind type is none (LDAP anonymous bind), any password, invalid or valid will be accepted.

发布于: 12/4/2019更新于: 11/21/2024

描述

A vulnerability was found in Keycloak 7.x where the user federation LDAP bind type is none (LDAP anonymous bind), any password, invalid or valid will be accepted.

AI分析AI驱动

受影响产品

redhatkeycloak

7.0.0

redhatkeycloak

7.0.1

参考资料

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14909
Issue TrackingThird Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14909
Issue TrackingThird Party Advisory