Vulnerability Database
Blog
FAQ
Docs
CVE-2020-1717
See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-1717
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-1717.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-1717
Aliases
GHSA-rvfc-g8j5-9ccf
Published
2021-02-11T18:15:14Z
Modified
2024-09-02T22:40:17Z
Severity
2.7 (Low)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
CVSS Calculator
Summary
[none]
Details
A flaw was found in Keycloak 7.0.1. A logged in user can do an account email enumeration attack.
References
https://bugzilla.redhat.com/show_bug.cgi?id=1796281
https://issues.jboss.org/browse/KEYCLOAK-12014
Affected packages
Git
/
github.com/keycloak/keycloak
Affected ranges
Type
GIT
Repo
https://github.com/keycloak/keycloak
Events
Introduced
0
Unknown introduced commit / All previous commits are affected
Last affected
7787e89db4a55a524351bb39d9f0106221c8765a
Last affected
e6a274ea0e31c6572e795f3372f006c88122539b
CVE-2020-1717 - OSV