Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Due to improper authorization, Red Hat Single Sign-On is vulnerable to users performing actions that they should not be allowed to perform. It was possible to add users to the master realm even though no respective permission was granted.
CVSS Information
N/A
Vulnerability Type
授权机制不正确
Vulnerability Title
Red Hat Single Sign-On 安全漏洞
Vulnerability Description
Red Hat Single Sign-On是美国红帽(Red Hat)公司的一个身份验证和访问控制系统。该工具负责为系统的身份验证和访问控制功能,支持大多数身份验证协议(Oauth、OpenId Connect)等,并可轻易集成OpenShift和Red Hat中间件等多数产品。 Red Hat Single Sign-On存在安全漏洞,该漏洞源于授权不当。攻击者可以利用该漏洞执行不被允许的操作,将用户添加到主域。
CVSS Information
N/A
Vulnerability Type
N/A