CVE-2020-1731

CRITICAL

9.1

CVSS Severity Score

EPSS Score0.1750%

EPSS Percentile5.55th

Published2020年3月2日

Last Modified2024年11月21日

Vulnerability Description

A flaw was found in all versions of the Keycloak operator, before version 8.0.2,(community only) where the operator generates a random admin password when installing Keycloak, however the password remains the same when deployed to the same OpenShift namespace.

Affected Platforms (CPE)

📦

Redhat

Keycloak Operator

< 8.0.2

References & Advisories

🔗 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1731

関連する脆弱性情報

CVE-2026-4638910.0

UDS Identity Config builds the Keycloak configuration image (realm, plugins, theme, truststore, JARs) consumed by UDS Core's Ident...

CVE-2019-101998.8

It was found that Keycloak's account console, up to 6.0.1, did not perform adequate header checks in some requests. An attacker co...

CVE-2026-75005.4

When Keycloak is started with `--features-disabled=account,account-api`, the Account REST API is only partially disabled. Five end...

CVE-2020-696610.0

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Ver...