Generation of Error Message Containing Sensitive Information
CVE-2020-1717
Summary
A flaw was found in Keycloak. A logged in user can do an account email enumeration attack. NOTE: We couldn't find a fix for this.
- LOW
- NETWORK
- NONE
- UNCHANGED
- NONE
- HIGH
- LOW
- NONE
CWE-209 - Generation of Error Message Containing Sensitive Information
The software generates an error message that includes sensitive information about its environment, users, or associated data.
Advisory Timeline
- Published