CVE-2019-14909
published 2019-12-04CVE-2019-14909: A vulnerability was found in Keycloak 7.x where the user federation LDAP bind type is none (LDAP anonymous bind), any password, invalid or valid will be…
high8.3CVSS 3.1
AVNACLPRNUINSCCLILAL
A vulnerability was found in Keycloak 7.x where the user federation LDAP bind type is none (LDAP anonymous bind), any password, invalid or valid will be accepted.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| redhat | keycloak | — | — |
| redhat | keycloak | — | — |
| redhat | keycloak | — | — |