RedHat keycloak CVE-2016-8609 Session Hijacking Vulnerability

Bugtraq ID: 95070
Class: Design Error
CVE: CVE-2016-8609
Remote: Yes
Local: No
Published: Dec 13 2016 12:00AM
Updated: Jan 12 2017 02:04AM
Credit: Hiroyuki Wada (Nomura Research Institute, Ltd).
Vulnerable: Redhat Single Sign-On 7.0
+ Redhat Linux 6.2 E sparc
+ Redhat Linux 6.2 E i386
+ Redhat Linux 6.2 E alpha
+ Redhat Linux 6.2 sparc
+ Redhat Linux 6.2 i386
+ Redhat Linux 6.2 alpha
Redhat keycloak 2.2.0
+ Redhat Linux 7.0
Redhat keycloak 2.1
+ Redhat Linux 6.2 E sparc
+ Redhat Linux 6.2 E i386
+ Redhat Linux 6.2 E alpha
+ Redhat Linux 6.2 sparc
+ Redhat Linux 6.2 i386
+ Redhat Linux 6.2 alpha
Redhat keycloak 2.0
+ Redhat Linux 7.0
Not Vulnerable: Redhat keycloak 2.3
+ Redhat Linux 6.2 E sparc
+ Redhat Linux 6.2 E i386
+ Redhat Linux 6.2 E alpha
+ Redhat Linux 6.2 sparc
+ Redhat Linux 6.2 i386
+ Redhat Linux 6.2 alpha


 

Privacy Statement
Copyright 2010, SecurityFocus