High severityNVD Advisory· Published Jan 25, 2022· Updated Aug 3, 2024
CVE-2021-4133
CVE-2021-4133
Description
A flaw was found in Keycloak in versions from 12.0.0 and before 15.1.1 which allows an attacker with any existing user account to create new default user accounts via the administrative REST API even when new user registration is disabled.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.keycloak:keycloak-servicesMaven | < 15.1.1 | 15.1.1 |
Affected products
2Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-83x4-9cwr-5487ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-4133ghsaADVISORY
- bugzilla.redhat.com/show_bug.cgighsax_refsource_MISCWEB
- github.com/keycloak/keycloak/issues/9247ghsax_refsource_MISCWEB
- github.com/keycloak/keycloak/security/advisories/GHSA-83x4-9cwr-5487ghsax_refsource_MISCWEB
- www.oracle.com/security-alerts/cpuapr2022.htmlghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.