VYPR
High severityNVD Advisory· Published Oct 15, 2019· Updated Aug 5, 2024

CVE-2019-14832

CVE-2019-14832

Description

A flaw was found in the Keycloak REST API before version 8.0.0 where it would permit user access from a realm the user was not configured. An authenticated attacker with knowledge of a user id could use this flaw to access unauthorized information or to carry out further attacks.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.keycloak:keycloak-model-infinispanMaven
< 7.0.17.0.1
org.keycloak:keycloak-model-jpaMaven
< 7.0.17.0.1

Affected products

3

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.