CVE-2020-1717

LOW2.7EPSS 0.18%

Generation of Error Message Containing Sensitive Information in Keycloak

Published: 2/9/2022Modified: 4/22/2024

Description

A flaw was found in Keycloak 7.0.1. A logged in user can do an account email enumeration attack.

Affected packages (1)

CVSS scores

SourceVersionSeverityVector
osvCVSS 3.1LOW2.7CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

References (3)