A flaw was found in the Keycloak REST API before version 8.0.0 where it would permit user access from a realm the user was not configured. An authenticated attacker with knowledge of a user id could use this flaw to access unauthorized information or to carry out further attacks.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2019-10-15T18:13:17

Updated: 2024-08-05T00:26:39.131Z

Reserved: 2019-08-10T00:00:00

Link: CVE-2019-14832

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2019-10-15T19:15:11.927

Modified: 2019-12-11T14:44:31.727

Link: CVE-2019-14832

cve-icon Redhat

Severity : Moderate

Publid Date: 2019-10-14T00:00:00Z

Links: CVE-2019-14832 - Bugzilla