Vulnerability Details CVE-2023-6841
A denial of service vulnerability was found in keycloak where the amount of attributes per object is not limited,an attacker by sending repeated HTTP requests could cause a resource exhaustion when the application send back rows with long attribute values.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.0%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2023-6841
-
cpe:2.3:a:redhat:keycloak:-
-
cpe:2.3:a:redhat:single_sign-on:7.0