PT-2023-16321 · Forgerock · Forgerock Access Management Java Policy Agent

Robert Byrne · Published 2023-02-28 · Updated 2023-03-09 · CVE-2023-0511

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: ForgeRock Access Management Java Policy Agent versions up to 5.10.1

Description: The issue is related to a Relative Path Traversal vulnerability that allows Authentication Bypass in the ForgeRock Access Management Java Policy Agent.

Recommendations: For versions up to 5.10.1, update to a version later than 5.10.1 to resolve the issue. At the moment, there is no information about other mitigation measures for this vulnerability.

Fix

Path traversal

Relative Path Traversal

Weakness Enumeration

Related Identifiers: CVE-2023-0511

Affected Products: Forgerock Access Management Java Policy Agent