It was found that the Keycloak Node.js adapter 2.5 - 3.0 did not handle invalid tokens correctly. An attacker could use this flaw to bypass authentication and gain access to restricted information, or to possibly conduct further attacks.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2017-05-12T19:00:00

Updated: 2024-08-05T16:04:11.544Z

Reserved: 2017-04-05T00:00:00

Link: CVE-2017-7474

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2017-05-12T19:29:00.160

Modified: 2019-10-03T00:03:26.223

Link: CVE-2017-7474

cve-icon Redhat

Severity : Important

Publid Date: 2017-05-08T00:00:00Z

Links: CVE-2017-7474 - Bugzilla