CVE

CVE-2023-6841

Severity:
HIGH
Type:
Unavailable / Other
Publication date:
10/09/2024
Last modified:
01/10/2024

Description

A denial of service vulnerability was found in keycloak where the amount of attributes per object is not limited,an attacker by sending repeated HTTP requests could cause a resource exhaustion when the application send back rows with long attribute values.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:redhat:keycloak:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*