CVE-2014-3655

Published: Nov 13, 2019
Updated: May 9, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2014-3655" target="_blank" rel="noopener"> CVE-2014-3655
GHSA: <a href="https://github.com/advisories/GHSA-237q-6hjp-pchq" target="_blank" rel="noopener"> GHSA-237q-6hjp-pchq
Severity: Low
Exploit:

JBoss KeyCloak is vulnerable to soft token deletion via CSRF

CVSS v3:

CVSS v2:

CWEs:

Software	From	Fixed in
redhat / keycloak	-	1.0.1.x
redhat / jboss_enterprise_web_server	1.0.0	1.0.0.x
org.keycloak / keycloak-services	-	1.0.2.Final