Forgerock Access Management

4 CVEs affecting Forgerock Access Management. Latest disclosed: 2024-03-27. Critical: 1, High: 2.

Top CVEs affecting Forgerock Access Management
CVESeverityScorePublishedSummary
CVE-2021-4201Critical9.62022-02-14Missing access control in ForgeRock Access Management 7.1.0 and earlier versions on all platforms allows remote unauthenticated attackers to hijack sessions, i…
CVE-2023-0582High8.12024-03-27Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ForgeRock Access Management allows Authorization Bypass. This…
CVE-2022-24670High7.12022-10-27An attacker can use the unrestricted LDAP queries to determine configuration entries
CVE-2022-24669Medium6.52022-10-27It may be possible to gain some details of the deployment through a well-crafted attack. This may allow that data to be used to probe internal network services.