ForgeRock Access Management
4 CVEs affecting ForgeRock Access Management. Latest disclosed: 2024-03-27. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2021-4201 | Critical | 9.6 | 2022-02-14 | Missing access control in ForgeRock Access Management 7.1.0 and earlier versions on all platforms allows remote unauthenticated attackers to hijack sessions, i… |
| CVE-2023-0582 | High | 8.1 | 2024-03-27 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ForgeRock Access Management allows Authorization Bypass. This… |
| CVE-2022-24670 | High | 7.1 | 2022-10-27 | An attacker can use the unrestricted LDAP queries to determine configuration entries |
| CVE-2022-24669 | Medium | 6.5 | 2022-10-27 | It may be possible to gain some details of the deployment through a well-crafted attack. This may allow that data to be used to probe internal network services. |