Red Hat · Keycloak · CVE-2021-3513
**Name of the Vulnerable Software and Affected Versions**
Keycloak (affected versions not specified)
Redhat Keycloak (affected versions not specified)
**Description**
A flaw in the software allows a brute force attack to be possible, even when the permanent lockout feature is enabled. This is due to an incorrect error message being displayed when incorrect credentials are entered, posing the highest threat to confidentiality.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.