Vulnerability details: VCID-f19m-zv2h-9fgu
Vulnerability ID: VCID-f19m-zv2h-9fgu
Aliases: CVE-2024-8883, GHSA-vvf8-2h68-9475
Summary: Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec
Status: Published
Exploitability: 0.5
Weighted Severity: 8.0
Risk: 4.0
System Score Found at
cvssv3.1 6.1 https://access.redhat.com/errata/RHSA-2024:10385
cvssv3.1 6.8 https://access.redhat.com/errata/RHSA-2024:10385
generic_textual HIGH https://access.redhat.com/errata/RHSA-2024:10385
ssvc Track https://access.redhat.com/errata/RHSA-2024:10385
cvssv3.1 6.1 https://access.redhat.com/errata/RHSA-2024:10386
cvssv3.1 6.8 https://access.redhat.com/errata/RHSA-2024:10386
generic_textual HIGH https://access.redhat.com/errata/RHSA-2024:10386
ssvc Track https://access.redhat.com/errata/RHSA-2024:10386
cvssv3.1 6.1 https://access.redhat.com/errata/RHSA-2024:6878
cvssv3.1 6.8 https://access.redhat.com/errata/RHSA-2024:6878
generic_textual HIGH https://access.redhat.com/errata/RHSA-2024:6878
ssvc Track https://access.redhat.com/errata/RHSA-2024:6878
cvssv3.1 6.1 https://access.redhat.com/errata/RHSA-2024:6879
cvssv3.1 6.8 https://access.redhat.com/errata/RHSA-2024:6879
generic_textual HIGH https://access.redhat.com/errata/RHSA-2024:6879
ssvc Track https://access.redhat.com/errata/RHSA-2024:6879
cvssv3.1 6.1 https://access.redhat.com/errata/RHSA-2024:6880
cvssv3.1 6.8 https://access.redhat.com/errata/RHSA-2024:6880
generic_textual HIGH https://access.redhat.com/errata/RHSA-2024:6880
ssvc Track https://access.redhat.com/errata/RHSA-2024:6880
cvssv3.1 6.1 https://access.redhat.com/errata/RHSA-2024:6882
cvssv3.1 6.8 https://access.redhat.com/errata/RHSA-2024:6882
generic_textual HIGH https://access.redhat.com/errata/RHSA-2024:6882
ssvc Track https://access.redhat.com/errata/RHSA-2024:6882
cvssv3.1 6.1 https://access.redhat.com/errata/RHSA-2024:6886
cvssv3.1 6.8 https://access.redhat.com/errata/RHSA-2024:6886
generic_textual HIGH https://access.redhat.com/errata/RHSA-2024:6886
ssvc Track https://access.redhat.com/errata/RHSA-2024:6886
cvssv3.1 6.1 https://access.redhat.com/errata/RHSA-2024:6887
cvssv3.1 6.8 https://access.redhat.com/errata/RHSA-2024:6887
generic_textual HIGH https://access.redhat.com/errata/RHSA-2024:6887
ssvc Track https://access.redhat.com/errata/RHSA-2024:6887
cvssv3.1 6.1 https://access.redhat.com/errata/RHSA-2024:6888
cvssv3.1 6.8 https://access.redhat.com/errata/RHSA-2024:6888
generic_textual HIGH https://access.redhat.com/errata/RHSA-2024:6888
ssvc Track https://access.redhat.com/errata/RHSA-2024:6888
cvssv3.1 6.1 https://access.redhat.com/errata/RHSA-2024:6889
cvssv3.1 6.8 https://access.redhat.com/errata/RHSA-2024:6889
generic_textual HIGH https://access.redhat.com/errata/RHSA-2024:6889
ssvc Track https://access.redhat.com/errata/RHSA-2024:6889
cvssv3.1 6.1 https://access.redhat.com/errata/RHSA-2024:6890
cvssv3.1 6.8 https://access.redhat.com/errata/RHSA-2024:6890
generic_textual HIGH https://access.redhat.com/errata/RHSA-2024:6890
ssvc Track https://access.redhat.com/errata/RHSA-2024:6890
cvssv3.1 6.1 https://access.redhat.com/errata/RHSA-2024:8823
cvssv3.1 6.8 https://access.redhat.com/errata/RHSA-2024:8823
generic_textual HIGH https://access.redhat.com/errata/RHSA-2024:8823
ssvc Track https://access.redhat.com/errata/RHSA-2024:8823
cvssv3.1 6.1 https://access.redhat.com/errata/RHSA-2024:8824
cvssv3.1 6.8 https://access.redhat.com/errata/RHSA-2024:8824
generic_textual HIGH https://access.redhat.com/errata/RHSA-2024:8824
ssvc Track https://access.redhat.com/errata/RHSA-2024:8824
cvssv3.1 6.1 https://access.redhat.com/errata/RHSA-2024:8826
cvssv3.1 6.8 https://access.redhat.com/errata/RHSA-2024:8826
generic_textual HIGH https://access.redhat.com/errata/RHSA-2024:8826
ssvc Track https://access.redhat.com/errata/RHSA-2024:8826
cvssv3 6.1 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8883.json
cvssv3.1 6.1 https://access.redhat.com/security/cve/CVE-2024-8883
cvssv3.1 6.8 https://access.redhat.com/security/cve/CVE-2024-8883
generic_textual HIGH https://access.redhat.com/security/cve/CVE-2024-8883
ssvc Track https://access.redhat.com/security/cve/CVE-2024-8883
epss 0.00244 https://api.first.org/data/v1/epss?cve=CVE-2024-8883
epss 0.00685 https://api.first.org/data/v1/epss?cve=CVE-2024-8883
epss 0.00740 https://api.first.org/data/v1/epss?cve=CVE-2024-8883
epss 0.01008 https://api.first.org/data/v1/epss?cve=CVE-2024-8883
epss 0.02854 https://api.first.org/data/v1/epss?cve=CVE-2024-8883
epss 0.02905 https://api.first.org/data/v1/epss?cve=CVE-2024-8883
epss 0.03574 https://api.first.org/data/v1/epss?cve=CVE-2024-8883
epss 0.03661 https://api.first.org/data/v1/epss?cve=CVE-2024-8883
epss 0.04493 https://api.first.org/data/v1/epss?cve=CVE-2024-8883
epss 0.04786 https://api.first.org/data/v1/epss?cve=CVE-2024-8883
epss 0.0489 https://api.first.org/data/v1/epss?cve=CVE-2024-8883
epss 0.69235 https://api.first.org/data/v1/epss?cve=CVE-2024-8883
cvssv3.1 6.1 https://bugzilla.redhat.com/show_bug.cgi?id=2312511
cvssv3.1 6.8 https://bugzilla.redhat.com/show_bug.cgi?id=2312511
generic_textual HIGH https://bugzilla.redhat.com/show_bug.cgi?id=2312511
ssvc Track https://bugzilla.redhat.com/show_bug.cgi?id=2312511
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-vvf8-2h68-9475
cvssv3.1 6.8 https://github.com/keycloak/keycloak
generic_textual HIGH https://github.com/keycloak/keycloak
cvssv3.1 6.1 https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java
cvssv3.1 6.8 https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java
generic_textual HIGH https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java
ssvc Track https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java
cvssv3.1 6.8 https://github.com/keycloak/keycloak/releases/tag/25.0.6
generic_textual HIGH https://github.com/keycloak/keycloak/releases/tag/25.0.6
cvssv3 6.1 https://nvd.nist.gov/vuln/detail/CVE-2024-8883
cvssv3.1 6.1 https://nvd.nist.gov/vuln/detail/CVE-2024-8883
cvssv3.1 6.8 https://nvd.nist.gov/vuln/detail/CVE-2024-8883
generic_textual HIGH https://nvd.nist.gov/vuln/detail/CVE-2024-8883
Reference id Reference type URL
https://access.redhat.com/errata/RHSA-2024:10385
https://access.redhat.com/errata/RHSA-2024:10386
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8883.json
https://access.redhat.com/security/cve/CVE-2024-8883
https://api.first.org/data/v1/epss?cve=CVE-2024-8883
https://github.com/keycloak/keycloak
https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java
https://github.com/keycloak/keycloak/releases/tag/25.0.6
https://nvd.nist.gov/vuln/detail/CVE-2024-8883
2312511 https://bugzilla.redhat.com/show_bug.cgi?id=2312511
cpe:2.3:a:redhat:build_of_keycloak:-:*:*:*:text-only:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:build_of_keycloak:-:*:*:*:text-only:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:4.11:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:4.12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:4.12:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.10:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.9:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.10:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.9:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_power:4.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform_for_power:4.10:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_power:4.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform_for_power:4.9:*:*:*:*:*:*:*
cpe:2.3:a:redhat:single_sign-on:7.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:single_sign-on:7.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:single_sign-on:-:*:*:*:text-only:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:single_sign-on:-:*:*:*:text-only:*:*:*
cpe:/a:redhat:build_keycloak:22 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:22
cpe:/a:redhat:build_keycloak:22::el9 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:22::el9
cpe:/a:redhat:build_keycloak:24 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:24
cpe:/a:redhat:build_keycloak:24::el9 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:24::el9
cpe:/a:redhat:jboss_enterprise_application_platform:8 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8
cpe:/a:redhat:jboss_enterprise_application_platform:8.0 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0
cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8
cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9
cpe:/a:redhat:red_hat_single_sign_on:7.6 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6
cpe:/a:redhat:red_hat_single_sign_on:7.6::el7 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
cpe:/a:redhat:red_hat_single_sign_on:7.6::el8 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
cpe:/a:redhat:red_hat_single_sign_on:7.6::el9 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
cpe:/a:redhat:rhosemc:1.0::el8 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8
GHSA-vvf8-2h68-9475 https://github.com/advisories/GHSA-vvf8-2h68-9475
RHSA-2024:6878 https://access.redhat.com/errata/RHSA-2024:6878
RHSA-2024:6879 https://access.redhat.com/errata/RHSA-2024:6879
RHSA-2024:6880 https://access.redhat.com/errata/RHSA-2024:6880
RHSA-2024:6882 https://access.redhat.com/errata/RHSA-2024:6882
RHSA-2024:6886 https://access.redhat.com/errata/RHSA-2024:6886
RHSA-2024:6887 https://access.redhat.com/errata/RHSA-2024:6887
RHSA-2024:6888 https://access.redhat.com/errata/RHSA-2024:6888
RHSA-2024:6889 https://access.redhat.com/errata/RHSA-2024:6889
RHSA-2024:6890 https://access.redhat.com/errata/RHSA-2024:6890
RHSA-2024:8823 https://access.redhat.com/errata/RHSA-2024:8823
RHSA-2024:8824 https://access.redhat.com/errata/RHSA-2024:8824
RHSA-2024:8826 https://access.redhat.com/errata/RHSA-2024:8826
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://access.redhat.com/errata/RHSA-2024:10385
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Found at https://access.redhat.com/errata/RHSA-2024:10385
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T17:28:37Z/ Found at https://access.redhat.com/errata/RHSA-2024:10385
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://access.redhat.com/errata/RHSA-2024:10386
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Found at https://access.redhat.com/errata/RHSA-2024:10386
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T17:28:37Z/ Found at https://access.redhat.com/errata/RHSA-2024:10386
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://access.redhat.com/errata/RHSA-2024:6878
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Found at https://access.redhat.com/errata/RHSA-2024:6878
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T17:28:37Z/ Found at https://access.redhat.com/errata/RHSA-2024:6878
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://access.redhat.com/errata/RHSA-2024:6879
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Found at https://access.redhat.com/errata/RHSA-2024:6879
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T17:28:37Z/ Found at https://access.redhat.com/errata/RHSA-2024:6879
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://access.redhat.com/errata/RHSA-2024:6880
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Found at https://access.redhat.com/errata/RHSA-2024:6880
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T17:28:37Z/ Found at https://access.redhat.com/errata/RHSA-2024:6880
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://access.redhat.com/errata/RHSA-2024:6882
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Found at https://access.redhat.com/errata/RHSA-2024:6882
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T17:28:37Z/ Found at https://access.redhat.com/errata/RHSA-2024:6882
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://access.redhat.com/errata/RHSA-2024:6886
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Found at https://access.redhat.com/errata/RHSA-2024:6886
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T17:28:37Z/ Found at https://access.redhat.com/errata/RHSA-2024:6886
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://access.redhat.com/errata/RHSA-2024:6887
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Found at https://access.redhat.com/errata/RHSA-2024:6887
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T17:28:37Z/ Found at https://access.redhat.com/errata/RHSA-2024:6887
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://access.redhat.com/errata/RHSA-2024:6888
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Found at https://access.redhat.com/errata/RHSA-2024:6888
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T17:28:37Z/ Found at https://access.redhat.com/errata/RHSA-2024:6888
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://access.redhat.com/errata/RHSA-2024:6889
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Found at https://access.redhat.com/errata/RHSA-2024:6889
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T17:28:37Z/ Found at https://access.redhat.com/errata/RHSA-2024:6889
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://access.redhat.com/errata/RHSA-2024:6890
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Found at https://access.redhat.com/errata/RHSA-2024:6890
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T17:28:37Z/ Found at https://access.redhat.com/errata/RHSA-2024:6890
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://access.redhat.com/errata/RHSA-2024:8823
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Found at https://access.redhat.com/errata/RHSA-2024:8823
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T17:28:37Z/ Found at https://access.redhat.com/errata/RHSA-2024:8823
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://access.redhat.com/errata/RHSA-2024:8824
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Found at https://access.redhat.com/errata/RHSA-2024:8824
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T17:28:37Z/ Found at https://access.redhat.com/errata/RHSA-2024:8824
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://access.redhat.com/errata/RHSA-2024:8826
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Found at https://access.redhat.com/errata/RHSA-2024:8826
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T17:28:37Z/ Found at https://access.redhat.com/errata/RHSA-2024:8826
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8883.json
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://access.redhat.com/security/cve/CVE-2024-8883
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Found at https://access.redhat.com/security/cve/CVE-2024-8883
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T17:28:37Z/ Found at https://access.redhat.com/security/cve/CVE-2024-8883
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://bugzilla.redhat.com/show_bug.cgi?id=2312511
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Found at https://bugzilla.redhat.com/show_bug.cgi?id=2312511
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T17:28:37Z/ Found at https://bugzilla.redhat.com/show_bug.cgi?id=2312511
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Found at https://github.com/keycloak/keycloak
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Found at https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-19T17:28:37Z/ Found at https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Found at https://github.com/keycloak/keycloak/releases/tag/25.0.6
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2024-8883
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2024-8883
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2024-8883
Exploit Prediction Scoring System (EPSS)
Percentile 0.63656
EPSS Score 0.00244
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
2024-09-19T21:31:46.024661+00:00 RedHat Importer Import https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8883.json 34.0.1