VYPR

AM

by Forgerock

CVEs (2)

  • CVE-2018-7272MedFeb 21, 2018
    risk 0.42cvss 6.5epss 0.01

    The REST APIs in ForgeRock AM before 5.5.0 include SSOToken IDs as part of the URL, which allows attackers to obtain sensitive information by finding an ID value in a log file.

  • CVE-2022-24670Oct 27, 2022
    risk 0.00cvss epss 0.01

    An attacker can use the unrestricted LDAP queries to determine configuration entries