Insecure Password Passing in keycloak-httpd-client-install Versions Before 0.8

Insecure Password Passing in keycloak-httpd-client-install Versions Before 0.8

CVE-2017-15112 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

keycloak-httpd-client-install versions before 0.8 allow users to insecurely pass password through command line, leaking it via command history and process info to other local users.

Learn more about our User Device Pen Test.