Metrics
Affected Vendors & Products
Solution
No solution given by the vendor.
Workaround
Use an alternate auth_type: auth_type: client_id+client_secret. Disabling the policy entirely might be a temporary solution if the alternate {{auth_type is not feasible for some reason. The only purpose the token introspection endpoint serves is for sessions that are revoked in RH SSO before the standard TTL expires via the exp claim.
Fri, 07 Feb 2025 03:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 21 Jan 2025 19:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat 3scale
Redhat keycloak |
|
CPEs | cpe:2.3:a:redhat:3scale:-:*:*:*:*:*:*:* cpe:2.3:a:redhat:keycloak:15.0.0:*:*:*:*:*:*:* |
|
Vendors & Products |
Redhat 3scale
Redhat keycloak |

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2025-08-30T08:20:03.535Z
Reserved: 2024-01-15T13:16:09.681Z
Link: CVE-2024-0560

Updated: 2024-08-01T18:11:35.164Z

Status : Analyzed
Published: 2024-02-28T17:15:08.340
Modified: 2025-01-21T18:31:10.947
Link: CVE-2024-0560


No data.