Improper Brute Force Detection Implementation in Keycloak 4.2.1.Final and 4.3.0.Final
CVE-2018-14657 · HIGH Severity
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
A flaw was found in Keycloak 4.2.1.Final, 4.3.0.Final. When TOPT enabled, an improper implementation of the Brute Force detection algorithm will not enforce its protection measures.
Learn more about our Web Application Penetration Testing UK.