Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

forgerock — Vulnerabilities & Security Advisories 7

Browse all 7 CVE security advisories affecting forgerock. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by forgerock:Access ManagementLDAP ConnectorAccess Management Web Policy AgentAccess Management Java Policy Agent
CVE IDTitleCVSSSeverityPublished
CVE-2023-0582 Path Traversal in ForgeRock Access Managment — access managementCWE-22 8.1 High2024-03-27
CVE-2023-0511 AM Java Policy Agent path traversal — Access Management Java Policy AgentCWE-23 9.1 Critical2023-02-28
CVE-2023-0339 AM Web Policy Agent path traversal — Access Management Web Policy AgentCWE-23 9.1 Critical2023-02-28
CVE-2022-24669 Anonymous users can register / de-register for configuration change notifications — Access ManagementCWE-862 6.5 Medium2022-10-27
CVE-2022-24670 Any user can run unrestricted LDAP queries against a configuration endpoint — Access ManagementCWE-200 7.1 High2022-10-27
CVE-2022-0143 LDAP Connector: When startTLS is used then LDAP connector ignores the wrong password — LDAP ConnectorCWE-284 9.3 Critical2022-09-19
CVE-2021-4201 Pre-authentication session hijacking — Access ManagementCWE-284 9.6 Critical2022-02-14

This page lists every published CVE security advisory associated with forgerock. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.