Vulnerabilities > Redhat > Single Sign ON > High

DATE CVE VULNERABILITY TITLE RISK
2017-10-26 CVE-2017-12159 Insufficient Session Expiration vulnerability in multiple products
It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session.
network
low complexity
redhat keycloak CWE-613
7.5