CVE-2021-3424 - Unspecified vulnerability in Redhat Single Sign-On 7.4

CVSS 5.3 - MEDIUM
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: NONE
Integrity impact: LOW
Availability impact: NONE

Summary

A flaw was found in Keycloak as shipped in Red Hat Single Sign-On 7.4 where IDN homograph attacks are possible. A malicious user can register with a name that is already registered and trick an admin into granting him extra privileges.

Vulnerable Configurations

Part          Description   Count
Application   Redhat        1