A flaw was found in keycloak where a brute force attack is possible even when the permanent lockout feature is enabled. This is due to a wrong error message displayed when wrong credentials are entered. The highest threat from this vulnerability is to confidentiality.
Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku
Kaynak: National Vulnerability Database