A privilege escalation flaw was... CVE-2022-1245

7.5 AV AC AU C I A
发布: 2022-07-08
修订: 2024-11-21

A privilege escalation flaw was found in the token exchange feature of keycloak. Missing authorization allows a client application holding a valid access token to exchange tokens for any target client by passing the client_id of the target. This could allow a client to gain unauthorized access to additional services.

0%

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有1条受影响产品信息