CVE-2018-10894
published 2018-08-01CVE-2018-10894: It was found that SAML authentication in Keycloak 3.4.3.Final incorrectly authenticated expired certificates. A malicious user could use this to access…
medium5.4CVSS 3.0
AVNACLPRLUINSUCLILAN
It was found that SAML authentication in Keycloak 3.4.3.Final incorrectly authenticated expired certificates. A malicious user could use this to access unauthorized data or possibly conduct further attacks.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| red_hat | keycloak | — | — |
| redhat | keycloak | — | — |
| redhat | single_sign-on | — | — |