N/A

A flaw was found in the Keycloak REST API before version 8.0.0 where it would permit user access from a realm the user was not configured. An authenticated attacker with knowledge of a user id could use this flaw to access unauthorized information or to carry out further attacks.

N/A

授权机制不正确

Red Hat Keycloak 安全漏洞

Red Hat Keycloak是美国红帽（Red Hat）公司的一套为现代应用和服务提供身份验证和管理功能的软件。 Red Hat Keycloak中存在安全漏洞。攻击者可利用该漏洞访问未授权的信息或实施其他攻击。

N/A

N/A