CVE-2024-1722 — LOW (3.7) — White Hats Nepal

Vulnerability Description

A flaw was found in Keycloak. In certain conditions, this issue may allow a remote unauthenticated attacker to block other accounts from logging in.

CVSS Score

3.7

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

LOW

Affected Products

Vendor	Product	Versions
Redhat	Keycloak	23.0.5

Related Weaknesses (CWE)

CWE-645

References

https://access.redhat.com/security/cve/CVE-2024-1722Broken Link
https://bugzilla.redhat.com/show_bug.cgi?id=2265389Issue Tracking
https://access.redhat.com/security/cve/CVE-2024-1722Broken Link
https://bugzilla.redhat.com/show_bug.cgi?id=2265389Issue Tracking

FAQ

What is CVE-2024-1722?

CVE-2024-1722 is a vulnerability with a CVSS score of 3.7 (LOW). A flaw was found in Keycloak. In certain conditions, this issue may allow a remote unauthenticated attacker to block other accounts from logging in.

How severe is CVE-2024-1722?

CVE-2024-1722 has been rated LOW with a CVSS base score of 3.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-1722?

Check the references section above for vendor advisories and patch information. Affected products include: Redhat Keycloak.