CVE-2024-5203

Published Jun 12, 2024

Last updated 2 months ago

Overview

Description: Rejected reason: After careful review of CVE-2024-5203, it has been determined that the issue is not exploitable in real-world scenarios. Moreover, the exploit assumes that the attacker has access to a session code parameter that matches a cookie on the Keycloak server. However the attacker does not have access to the cookie, and can therefore not craft a malicious request.
Source: secalert@redhat.com
NVD status: Rejected

Weaknesses

secalert@redhat.com: CWE-352

Hype score: Not currently trending

References

https://nvd.nist.gov/vuln/detail/CVE-2024-5203