CVE-2024-10492

Published Nov 25, 2024

Last updated 3 months ago

Overview

Description
A vulnerability was found in Keycloak. A user with high privileges could read sensitive information from a Vault file that is not within the expected context. The attacker must already have high-privilege access to the Keycloak server in order to create resources, for example an LDAP provider configuration, and set up a Vault file read, which will only reveal whether that file exists or not.
Source: secalert@redhat.com
NVD status: Received

Risk scores

CVSS 3.0

Type: Secondary
Base score: 2.7
Impact score: 1.4
Exploitability score: 1.2
Vector string: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Severity: LOW

Weaknesses

secalert@redhat.com: CWE-73

Social media

Hype score
Not currently trending
  1. 🚨 CVE-2024-10492 (Published: 2024-11-25) affects Red Hat products. Vulnerable versions include specific releases that could be exploited. Ensure your systems are updated to the latest patches to mitigate risks. For more details, check the bug report: https://t.co/10RytJZ5yv… htt

    @transilienceai

    27 Nov 2024

    13 Impressions

  2. 🚨 CVE-2024-10492 (Published: 2024-11-25) - A low-severity vulnerability affects Red Hat products. Ensure your systems are updated to the latest versions to mitigate risks. For detailed remediation steps, check the advisory: https://t.co/10RytJZ5yv #CyberSecurity #RedHat #CVE

    @transilienceai

    27 Nov 2024

    8 Impressions

  3. 🚨 CVE-2024-10492 (Published: 2024-11-25) - A low-severity vulnerability affects Red Hat products. Ensure your systems are updated to the latest versions to mitigate risks. For detailed remediation steps, check the advisory: RHSA-2024:10176. More info: https://t.co/10RytJZ5yv… ht

    @transilienceai

    27 Nov 2024

    16 Impressions

  4. 🚨 CVE-2024-10492 (Published: 2024-11-25) affects Red Hat products. Vulnerable versions include specific releases outlined in RHSA-2024:10175. Ensure your systems are updated to the latest patches to mitigate risks. For more details, visit: https://t.co/10RytJZ5yv #CyberSecurity…

    @transilienceai

    27 Nov 2024

    10 Impressions

  5. 🚨 CVE-2024-10492 (Published: 2024-11-25) affects specific versions of Red Hat products. Users are urged to update to the latest versions to mitigate vulnerabilities. For detailed remediation steps, visit: https://t.co/WS45Xk766j. Stay secure! 🔒 #CyberSecurity #RedHat

    @transilienceai

    27 Nov 2024

    8 Impressions

  6. 🚨 CVE-2024-10492 (Published: 2024-11-25) affects multiple Red Hat products. Vulnerable versions include specific releases that could be exploited. Ensure your systems are updated to the latest patches to mitigate risks. For detailed remediation steps, visit:… https://t.co/iFC9u3

    @transilienceai

    27 Nov 2024

    14 Impressions

  7. 🚨 CVE-2024-10492 (Published: 2024-11-25) affects specific versions of a critical product. Users are urged to update to the latest version to mitigate vulnerabilities. For detailed remediation steps, visit: https://t.co/WS45Xk766j. Stay secure! #CyberSecurity #CVE

    @transilienceai

    27 Nov 2024

    19 Impressions

  8. 🚨 CVE-2024-10492 (Published: 2024-11-25) - A low-severity vulnerability affecting Red Hat products. Ensure your systems are updated to the latest versions to mitigate risks. For detailed remediation steps, visit: https://t.co/WS45Xk766j #CyberSecurity #RedHat #CVE

    @transilienceai

    27 Nov 2024

    8 Impressions

  9. 🚨 CVE-2024-10492 (Published: 2024-11-25) affects Red Hat products. Ensure your systems are updated to mitigate vulnerabilities in the impacted versions. For detailed remediation steps, visit: https://t.co/WS45Xk766j. Stay secure! 🔒 #CyberSecurity #RedHat

    @transilienceai

    27 Nov 2024

    12 Impressions

  10. 🚨 CVE-2024-10492 (Published: 2024-11-25) - Important security advisory for Red Hat. Affects specific product versions. Ensure your systems are updated to mitigate vulnerabilities. For detailed remediation steps, visit: https://t.co/ejqiFXsYny #CyberSecurity #RedHat #CVE

    @transilienceai

    27 Nov 2024

    8 Impressions

  11. 🚨 CVE-2024-10492 (Published: 2024-11-25) - Important security flaw in Red Hat. Affects specific versions of Red Hat products. Ensure your systems are updated to the latest patches to mitigate risks. For detailed remediation steps, visit: https://t.co/ejqiFXsYny #CyberSecurity… h

    @transilienceai

    27 Nov 2024

    12 Impressions

  12. CVE-2024-10492 A vulnerability was found in Keycloak. A user with high privileges could read sensitive information from a Vault file that is not within the expected context. This at… https://t.co/NLPwLiCrWQ

    @CVEnew

    25 Nov 2024

    485 Impressions