CVE-2024-10270

Published Nov 25, 2024

Last updated 3 months ago

Overview

Description
A vulnerability was found in the Keycloak-services package. If untrusted data is passed to the SearchQueryUtils method, it could lead to a denial of service (DoS) scenario by exhausting system resources due to regular expression complexity.
Source
secalert@redhat.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Primary
Base score
6.5
Impact score
3.6
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity
MEDIUM

Weaknesses

secalert@redhat.com
CWE-1333

Social media

Hype score
Not currently trending
  1. 🚨 CVE-2024-10270 (Published: 2024-11-25) - Medium severity vulnerability in Red Hat products. Affects multiple versions. Users are urged to apply the latest patches and updates to mitigate risks. For detailed info, visit: https://t.co/XOQA1QFo8U #CyberSecurity #RedHat #CVE

    @transilienceai

    27 Nov 2024


  2. 🔒 CVE-2024-10270 (Published: 2024-11-25) affects specific Red Hat products. Ensure your systems are updated to the latest versions to mitigate potential vulnerabilities. For detailed remediation steps, check the official Bugzilla report: https://t.co/XOQA1QFo8U #CyberSecurity… h

    @transilienceai

    27 Nov 2024


  3. 🔒 CVE-2024-10270 (Published: 2024-11-25) affects Red Hat products. Exploited versions include specific releases. To mitigate risks, ensure you apply the latest patches and updates. For more details, check the official report: https://t.co/XOQA1QFo8U #CyberSecurity #RedHat #CVE

    @transilienceai

    27 Nov 2024


  4. 🔒 CVE-2024-10270 (Published: 2024-11-25) - A high-severity vulnerability affecting Red Hat products. Ensure your systems are updated to the latest versions to mitigate risks. For detailed remediation steps, check the advisory: https://t.co/8o4JLzSvAD #CyberSecurity #RedHat… http

    @transilienceai

    27 Nov 2024


  5. CVE-2024-10270 A vulnerability was found in the Keycloak-services package. If untrusted data is passed to the SearchQueryUtils method, it could lead to a denial of service (DoS) sce… https://t.co/PaORgcvqcj

    @CVEnew

    25 Nov 2024
