CVE-2022-2232 — Vulnetix

CVE-2022-2232 PUBLISHED

Es existiert eine Schwachstelle in Keycloak. Mithilfe einer LDAP Anfrage ist es möglich Nutzernamen offenzulegen. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Informationen offenzulegen.

EPSS 0.11% · 29.6th percentile

Risk Scores

EPSS Score

0.11%

29.6th percentile

Timeline

Nov 29, 2023 CVE Published
Nov 14, 2024 PoC Published
Nov 15, 2024 EPSS Score
Dec 4, 2024 EPSS Score
Dec 21, 2024 EPSS Score
Jan 8, 2025 EPSS Score
Jan 25, 2025 EPSS Score
Feb 12, 2025 EPSS Score
Mar 1, 2025 EPSS Score
Mar 19, 2025 EPSS Score
Apr 5, 2025 EPSS Score
Apr 23, 2025 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3028.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3028 advisory
https://github.com/keycloak/keycloak/commit/4252e394cf725b16f7e4e19aa32b03fd3fe13fde advisory
https://github.com/advisories/GHSA-8hc5-rmgf-qx6p advisory

Open in Interactive Console →