Unauthorized Access Vulnerability in Keycloak Reset Credential Flow

CVE-2020-1718 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A flaw was found in the reset credential flow in all Keycloak versions before 8.0.0. This flaw allows an attacker to gain unauthorized access to the application.
