Vulnerability Details CVE-2021-3461
A flaw was found in Keycloak where Keycloak may fail to log out a user session if the logout request comes from an external SAML identity provider and Principal Type is set to Attribute [Name].
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.2%
CVSS Severity
CVSS v3 Score 7.1
CVSS v2 Score 3.3
Products affected by CVE-2021-3461
- cpe:2.3:a:redhat:keycloak:9.0.13
- cpe:2.3:a:redhat:single_sign-on:7.0
- cpe:2.3:a:redhat:single_sign-on:7.4
- cpe:2.3:a:redhat:single_sign-on:7.4.7