CNNVD-202510-3248 Information
Oct 23, 2025
CNNVD ID
CNNVD-202510-3248
Related CVE
- CNNVD Published: 2025-10-23
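Description (translated from Chinese)
Red Hat build of Keycloak is a web application for single sign-on from Red Hat, a US company. Red Hat build of Keycloak contains a code issue vulnerability. It stems from a flaw in the session management logic, which does not validate the current realm-level configuration, and may lead to session hijacking or unauthorized long-term access.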
Description (English)
Red Hat build of Keycloak is a web application for single sign-on from Red Hat. Red Hat build of Keycloak has a code issue vulnerability that stems from a session management logic flaw: the current realm-level configuration is not validated, which could lead to session hijacking or unauthorized long-term access.
Hazard Level
High
Vulnerability Type
Code issue
Affected Vendor
Red Hat
Published
2025-10-23
Last Modified
2026-02-24
References
https://access.redhat.com/security/cve/CVE-2025-11429
https://bugzilla.redhat.com/show_bug.cgi?id=2402148