VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-rejf-mj3m-pqg6

Essentials
Severities (48)
References (19)
Severity details (20)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-rejf-mj3m-pqg6
Aliases	CVE-2020-35509 GHSA-rpj2-w6fr-79hc
Summary	Keycloak vulnerable to Improper Certificate Validation keycloak accepts an expired certificate by the direct-grant authenticator because of missing time stamp validations. The highest threat from this vulnerability is to data confidentiality and integrity. This issue was partially fixed in version [13.0.1](https://github.com/keycloak/keycloak/pull/6330) and more completely fixed in version [14.0.0](https://github.com/keycloak/keycloak/pull/8067).
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (4)

CWE-20	Improper Input Validation
CWE-295	Improper Certificate Validation
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
cvssv3	4.2	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35509.json
cvssv3.1	5.4	https://access.redhat.com/security/cve/cve-2020-35509
generic_textual	MODERATE	https://access.redhat.com/security/cve/cve-2020-35509
ssvc	Track	https://access.redhat.com/security/cve/cve-2020-35509
epss	0.00087	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00087	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00087	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00087	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00087	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00087	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00087	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00087	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00087	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00087	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
epss	0.00105	https://api.first.org/data/v1/epss?cve=CVE-2020-35509
cvssv3.1	5.4	https://bugzilla.redhat.com/show_bug.cgi?id=1912427
generic_textual	MODERATE	https://bugzilla.redhat.com/show_bug.cgi?id=1912427
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-rpj2-w6fr-79hc
cvssv3.1	5.4	https://github.com/keycloak/keycloak
generic_textual	MODERATE	https://github.com/keycloak/keycloak
cvssv3.1	5.4	https://github.com/keycloak/keycloak/blob/4f330f4a57cbfcf6202b60546518261c66e59a35/services/src/main/java/org/keycloak/authentication/authenticators/x509/ValidateX509CertificateUsername.java#L74-L76
generic_textual	MODERATE	https://github.com/keycloak/keycloak/blob/4f330f4a57cbfcf6202b60546518261c66e59a35/services/src/main/java/org/keycloak/authentication/authenticators/x509/ValidateX509CertificateUsername.java#L74-L76
cvssv3.1	5.4	https://github.com/keycloak/keycloak/commit/478319348bdfdb9b6d39122f41edf2af79f679bb
generic_textual	MODERATE	https://github.com/keycloak/keycloak/commit/478319348bdfdb9b6d39122f41edf2af79f679bb
cvssv3.1	5.4	https://github.com/keycloak/keycloak/pull/6330
generic_textual	MODERATE	https://github.com/keycloak/keycloak/pull/6330
cvssv3.1	5.4	https://github.com/keycloak/keycloak/pull/8067
generic_textual	MODERATE	https://github.com/keycloak/keycloak/pull/8067
cvssv3.1	5.4	https://nvd.nist.gov/vuln/detail/CVE-2020-35509
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2020-35509
archlinux	Medium	https://security.archlinux.org/AVG-2084

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35509.json
		https://access.redhat.com/security/cve/cve-2020-35509
		https://api.first.org/data/v1/epss?cve=CVE-2020-35509
		https://bugzilla.redhat.com/show_bug.cgi?id=1912427
		https://github.com/keycloak/keycloak
		https://github.com/keycloak/keycloak/blob/4f330f4a57cbfcf6202b60546518261c66e59a35/services/src/main/java/org/keycloak/authentication/authenticators/x509/ValidateX509CertificateUsername.java#L74-L76
		https://github.com/keycloak/keycloak/commit/478319348bdfdb9b6d39122f41edf2af79f679bb
		https://github.com/keycloak/keycloak/pull/6330
		https://github.com/keycloak/keycloak/pull/8067
		https://nvd.nist.gov/vuln/detail/CVE-2020-35509
ASA-202106-53		https://security.archlinux.org/ASA-202106-53
AVG-2084		https://security.archlinux.org/AVG-2084
cpe:2.3:a:redhat:keycloak:11.0.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:keycloak:11.0.3:::::::*
cpe:2.3:a:redhat:keycloak:12.0.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:keycloak:12.0.0:::::::*
GHSA-rpj2-w6fr-79hc		https://github.com/advisories/GHSA-rpj2-w6fr-79hc
RHSA-2021:3527		https://access.redhat.com/errata/RHSA-2021:3527
RHSA-2021:3528		https://access.redhat.com/errata/RHSA-2021:3528
RHSA-2021:3529		https://access.redhat.com/errata/RHSA-2021:3529
RHSA-2021:3534		https://access.redhat.com/errata/RHSA-2021:3534

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35509.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N Found at https://access.redhat.com/security/cve/cve-2020-35509

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-30T19:38:02Z/ Found at https://access.redhat.com/security/cve/cve-2020-35509

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N Found at https://bugzilla.redhat.com/show_bug.cgi?id=1912427

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N Found at https://github.com/keycloak/keycloak

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N Found at https://github.com/keycloak/keycloak/blob/4f330f4a57cbfcf6202b60546518261c66e59a35/services/src/main/java/org/keycloak/authentication/authenticators/x509/ValidateX509CertificateUsername.java#L74-L76

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N Found at https://github.com/keycloak/keycloak/commit/478319348bdfdb9b6d39122f41edf2af79f679bb

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N Found at https://github.com/keycloak/keycloak/pull/6330

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N Found at https://github.com/keycloak/keycloak/pull/8067

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2020-35509

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.25937
EPSS Score	0.00087
Published At	Sept. 9, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T09:03:38.749351+00:00	GithubOSV Importer	Import	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/08/GHSA-rpj2-w6fr-79hc/GHSA-rpj2-w6fr-79hc.json	37.0.0