Back to bug 1933639
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Pedro Sampaio | 2021-03-02 12:45:42 UTC | Summary | keycloak: missing re-authentication while updating password | CVE-2021-20262 keycloak: missing re-authentication while updating password |
| Alias | CVE-2021-20262 | |||
| Pedro Sampaio | 2021-03-02 12:46:49 UTC | Blocks | 1934069 | |
| RaTasha Tillery-Smith | 2021-03-02 13:31:38 UTC | Doc Text | A flaw was found in Keycloak where re-authentication does not occur while updating the password. This flaw allows an attacker to take over an account if they can obtain temporary, physical access to a user’s browser. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | |
| Paramvir jindal | 2021-03-04 09:55:15 UTC | Doc Text | A flaw was found in Keycloak where re-authentication does not occur while updating the password. This flaw allows an attacker to take over an account if they can obtain temporary, physical access to a user’s browser. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | A flaw was found in Keycloak 12.0.0 where re-authentication does not occur while updating the password. This flaw allows an attacker to take over an account if they can obtain temporary, physical access to a user’s browser. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. |
| Red Hat Bugzilla | 2021-12-31 23:33:48 UTC | CC | almorale | |
| Red Hat Bugzilla | 2022-04-19 04:38:57 UTC | CC | ggaughan | |
| Red Hat Bugzilla | 2022-06-30 23:46:52 UTC | CC | bibryam | |
| Red Hat Bugzilla | 2022-08-12 04:38:12 UTC | CC | etirelli | |
| Red Hat Bugzilla | 2022-08-31 22:23:08 UTC | Priority | medium | low |
| Severity | medium | low | ||
| CC | mszynkie | |||
| Red Hat Bugzilla | 2022-10-28 13:13:01 UTC | CC | krathod | |
| Red Hat Bugzilla | 2022-11-14 23:22:43 UTC | CC | jstastny | |
| Red Hat Bugzilla | 2022-12-31 23:43:17 UTC | CC | aboyko | |
| Avinash Hanwate | 2023-02-27 09:27:22 UTC | Severity | low | medium |
| Priority | low | medium | ||
| Red Hat Bugzilla | 2023-05-15 18:03:50 UTC | CC | rrajasek | |
| Red Hat Bugzilla | 2023-05-15 18:09:22 UTC | CC | drieden | |
| Red Hat Bugzilla | 2023-05-31 22:25:01 UTC | CC | rsynek | |
| Red Hat Bugzilla | 2023-07-07 08:29:05 UTC | Assignee | security-response-team | nobody |
Back to bug 1933639