Vulnerability details: VCID-qc8g-byp9-aaaf
Vulnerability ID VCID-qc8g-byp9-aaaf
Aliases CVE-2024-5967, GHSA-c25h-c27q-5qpv, GHSA-gmrm-8fx4-66x7
Summary keycloak: Leak of configured LDAP bind credentials through the Keycloak admin console
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Weaknesses (3)
System Score Found at
cvssv3.1 7.1 https://access.redhat.com/errata/RHSA-2024:6493
generic_textual HIGH https://access.redhat.com/errata/RHSA-2024:6493
cvssv3.1 7.1 https://access.redhat.com/errata/RHSA-2024:6494
generic_textual HIGH https://access.redhat.com/errata/RHSA-2024:6494
cvssv3.1 7.1 https://access.redhat.com/errata/RHSA-2024:6495
generic_textual HIGH https://access.redhat.com/errata/RHSA-2024:6495
cvssv3.1 7.1 https://access.redhat.com/errata/RHSA-2024:6497
generic_textual HIGH https://access.redhat.com/errata/RHSA-2024:6497
cvssv3.1 7.1 https://access.redhat.com/errata/RHSA-2024:6499
generic_textual HIGH https://access.redhat.com/errata/RHSA-2024:6499
cvssv3.1 7.1 https://access.redhat.com/errata/RHSA-2024:6500
generic_textual HIGH https://access.redhat.com/errata/RHSA-2024:6500
cvssv3.1 7.1 https://access.redhat.com/errata/RHSA-2024:6501
generic_textual HIGH https://access.redhat.com/errata/RHSA-2024:6501
cvssv3 2.7 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5967.json
cvssv3.1 2.7 https://access.redhat.com/security/cve/CVE-2024-5967
ssvc Track https://access.redhat.com/security/cve/CVE-2024-5967
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2024-5967
epss 0.00092 https://api.first.org/data/v1/epss?cve=CVE-2024-5967
epss 0.0024 https://api.first.org/data/v1/epss?cve=CVE-2024-5967
epss 0.00298 https://api.first.org/data/v1/epss?cve=CVE-2024-5967
epss 0.0035 https://api.first.org/data/v1/epss?cve=CVE-2024-5967
epss 0.00429 https://api.first.org/data/v1/epss?cve=CVE-2024-5967
cvssv3.1_qr LOW https://github.com/advisories/GHSA-c25h-c27q-5qpv
cvssv3.1_qr LOW https://github.com/advisories/GHSA-gmrm-8fx4-66x7
cvssv3.1 6.8 https://github.com/keycloak/keycloak
generic_textual HIGH https://github.com/keycloak/keycloak
cvssv3.1 2.7 https://github.com/keycloak/keycloak/commit/0d0530046b9cb4b0d74d2fdefc9bd04f1d20cac0
generic_textual LOW https://github.com/keycloak/keycloak/commit/0d0530046b9cb4b0d74d2fdefc9bd04f1d20cac0
cvssv3.1 2.7 https://github.com/keycloak/keycloak/commit/1f56a9e48bf96c3bcb18dfc6cd93e3dd16f281f1
generic_textual LOW https://github.com/keycloak/keycloak/commit/1f56a9e48bf96c3bcb18dfc6cd93e3dd16f281f1
cvssv3.1 2.7 https://github.com/keycloak/keycloak/commit/bde8568d4174a7072f7c7bb507d2c7d05824b1a6
generic_textual LOW https://github.com/keycloak/keycloak/commit/bde8568d4174a7072f7c7bb507d2c7d05824b1a6
cvssv3.1 2.7 https://github.com/keycloak/keycloak/issues/30434
generic_textual LOW https://github.com/keycloak/keycloak/issues/30434
cvssv3.1 2.7 https://github.com/keycloak/keycloak/security/advisories/GHSA-c25h-c27q-5qpv
generic_textual LOW https://github.com/keycloak/keycloak/security/advisories/GHSA-c25h-c27q-5qpv
Reference id Reference type URL
https://access.redhat.com/errata/RHSA-2024:6493
https://access.redhat.com/errata/RHSA-2024:6494
https://access.redhat.com/errata/RHSA-2024:6495
https://access.redhat.com/errata/RHSA-2024:6497
https://access.redhat.com/errata/RHSA-2024:6499
https://access.redhat.com/errata/RHSA-2024:6500
https://access.redhat.com/errata/RHSA-2024:6501
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5967.json
https://api.first.org/data/v1/epss?cve=CVE-2024-5967
https://github.com/keycloak/keycloak
https://github.com/keycloak/keycloak/commit/0d0530046b9cb4b0d74d2fdefc9bd04f1d20cac0
https://github.com/keycloak/keycloak/commit/1f56a9e48bf96c3bcb18dfc6cd93e3dd16f281f1
https://github.com/keycloak/keycloak/commit/bde8568d4174a7072f7c7bb507d2c7d05824b1a6
https://github.com/keycloak/keycloak/issues/30434
https://github.com/keycloak/keycloak/security/advisories/GHSA-c25h-c27q-5qpv
2292200 https://bugzilla.redhat.com/show_bug.cgi?id=2292200
cpe:/a:redhat:build_keycloak:22 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:22
cpe:/a:redhat:build_keycloak:22::el9 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:build_keycloak:22::el9
cpe:/a:redhat:red_hat_single_sign_on:7.6 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6
cpe:/a:redhat:red_hat_single_sign_on:7.6::el7 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
cpe:/a:redhat:red_hat_single_sign_on:7.6::el8 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
cpe:/a:redhat:red_hat_single_sign_on:7.6::el9 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
cpe:/a:redhat:rhosemc:1.0::el8 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8
CVE-2024-5967 https://access.redhat.com/security/cve/CVE-2024-5967
CVE-2024-5967 https://nvd.nist.gov/vuln/detail/CVE-2024-5967
GHSA-c25h-c27q-5qpv https://github.com/advisories/GHSA-c25h-c27q-5qpv
GHSA-gmrm-8fx4-66x7 https://github.com/advisories/GHSA-gmrm-8fx4-66x7
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/errata/RHSA-2024:6493
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/errata/RHSA-2024:6494
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/errata/RHSA-2024:6495
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/errata/RHSA-2024:6497
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/errata/RHSA-2024:6499
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/errata/RHSA-2024:6500
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/errata/RHSA-2024:6501
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5967.json
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N Found at https://access.redhat.com/security/cve/CVE-2024-5967
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-18T15:10:07Z/ Found at https://access.redhat.com/security/cve/CVE-2024-5967
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N Found at https://github.com/keycloak/keycloak
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N Found at https://github.com/keycloak/keycloak/commit/0d0530046b9cb4b0d74d2fdefc9bd04f1d20cac0
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N Found at https://github.com/keycloak/keycloak/commit/1f56a9e48bf96c3bcb18dfc6cd93e3dd16f281f1
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N Found at https://github.com/keycloak/keycloak/commit/bde8568d4174a7072f7c7bb507d2c7d05824b1a6
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N Found at https://github.com/keycloak/keycloak/issues/30434
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N Found at https://github.com/keycloak/keycloak/security/advisories/GHSA-c25h-c27q-5qpv
Exploit Prediction Scoring System (EPSS)
Percentile 0.14083
EPSS Score 0.00044
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
2024-06-18T13:15:10.592771+00:00 RedHat Importer Import https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5967.json 34.0.0rc4