Vulnerabilities > Forgerock > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2019-08-05	CVE-2019-3800	Information Exposure vulnerability in multiple products CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. local low complexity pivotal anynines apigee appdynamics bluemedora contrastsecurity cyberark datadoghq datastax dynatrace forgerock google ibm microsoft newrelic pagerduty riverbed samba signalsciences snyk solace splunk sumologic synopsys tibco wavefront yugabyte CWE-200	2.1
2014-11-14	CVE-2014-7246	Improper Input Validation vulnerability in Forgerock Openam The Core Server in OpenAM 9.5.3 through 9.5.5, 10.0.0 through 10.0.2, 10.1.0-Xpress, and 11.0.0 through 11.0.2, when deployed on a multi-server network, allows remote authenticated users to cause a denial of service (infinite loop) via a crafted cookie in a request. network forgerock CWE-20	3.5