[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-14820":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T20:55:33.689Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":1081,"aliases":1082,"duplicate_of":9,"upstream":1084,"downstream":1085,"duplicates":1096,"related":1097,"reserved_at":9,"published_at":1098,"modified_at":1099,"state":1100,"summary":1101,"references_raw":1110,"kevs":1127,"epss":1128,"epss_history":1131,"metrics":1382,"affected":1399},"CVE-2019-14820","It was found that keycloak before version 8.0.0 exposes internal adapter endpoints in org.keycloak.constants.AdapterConstants, which can be invoked via a specially-crafted URL. This vulnerability could allow an attacker to access unauthorized information.",null,[11,18],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"NVD-CWE-NOINFO","Insufficient Information","NVD uses this CWE ID when there is insufficient information to assign a specific CWE.","placeholder","NVD-Reserved",[],{"_key":19,"id":19,"name":20,"description":21,"type":22,"status":23,"abstraction":24,"likelihood_of_exploit":25,"capec":26},"CWE-200","Exposure of Sensitive Information to an Unauthorized Actor","The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.","weakness","Draft","Class","High",[27,31,215,241,245,249,253,257,261,265,355,359,363,385,389,393,397,401,411,415,419,423,427,431,435,439,443,507,511,537,559,563,567,571,575,579,583,587,591,595,599,603,607,611,615,619,651,655,677,699,745,771,871,875,1000,1037,1047,1057,1077],{"id":28,"name":29,"techniques":30},"CAPEC-116","Excavation",[],{"id":32,"name":33,"techniques":34},"CAPEC-13","Subverting Environment Variable Values",[35,133,175],{"id":36,"name":37,"tactics":38,"countermeasures":45},"T1562.003","Impair Command History Logging",[39,42],{"id":40,"name":41},"TA0030","Defense Evasion",{"id":43,"name":44},"TA0005","Stealth",[46,51,56,60,64,68,73,77,82,87,91,95,100,104,109,113,117,121,125,129],{"id":47,"name":48,"tactic":49},"D3-CI","Configuration Inventory",{"name":50},"Model",{"id":52,"name":53,"tactic":54},"D3-FA","File Analysis",{"name":55},"Detect",{"id":57,"name":58,"tactic":59},"D3-FIM","File Integrity Monitoring",{"name":55},{"id":61,"name":62,"tactic":63},"D3-DA","Dynamic Analysis",{"name":55},{"id":65,"name":66,"tactic":67},"D3-EFA","Emulated File Analysis",{"name":55},{"id":69,"name":70,"tactic":71},"D3-FEV","File Eviction",{"name":72},"Evict",{"id":74,"name":75,"tactic":76},"D3-RKD","Registry Key Deletion",{"name":72},{"id":78,"name":79,"tactic":80},"D3-DF","Decoy File",{"name":81},"Deceive",{"id":83,"name":84,"tactic":85},"D3-DRA","Disable Remote Access",{"name":86},"Harden",{"id":88,"name":89,"tactic":90},"D3-ACH","Application Configuration Hardening",{"name":86},{"id":92,"name":93,"tactic":94},"D3-FE","File Encryption",{"name":86},{"id":96,"name":97,"tactic":98},"D3-RC","Restore Configuration",{"name":99},"Restore",{"id":101,"name":102,"tactic":103},"D3-RF","Restore File",{"name":99},{"id":105,"name":106,"tactic":107},"D3-CQ","Content Quarantine",{"name":108},"Isolate",{"id":110,"name":111,"tactic":112},"D3-CF","Content Filtering",{"name":108},{"id":114,"name":115,"tactic":116},"D3-LFP","Local File Permissions",{"name":108},{"id":118,"name":119,"tactic":120},"D3-RFAM","Remote File Access Mediation",{"name":108},{"id":122,"name":123,"tactic":124},"D3-CM","Content Modification",{"name":108},{"id":126,"name":127,"tactic":128},"D3-EAL","Executable Allowlisting",{"name":108},{"id":130,"name":131,"tactic":132},"D3-EDL","Executable Denylisting",{"name":108},{"id":134,"name":135,"tactics":136,"countermeasures":148},"T1574.006","Dynamic Linker Hijacking",[137,140,143,144,145],{"id":138,"name":139},"TA0110","Persistence",{"id":141,"name":142},"TA0111","Privilege Escalation",{"id":40,"name":41},{"id":43,"name":44},{"id":146,"name":147},"TA0104","Execution",[149,153,155,157,159,161,163,165,167,169,171,173],{"id":150,"name":151,"tactic":152},"D3-SFA","System File Analysis",{"name":55},{"id":52,"name":53,"tactic":154},{"name":55},{"id":57,"name":58,"tactic":156},{"name":55},{"id":69,"name":70,"tactic":158},{"name":72},{"id":78,"name":79,"tactic":160},{"name":81},{"id":92,"name":93,"tactic":162},{"name":86},{"id":101,"name":102,"tactic":164},{"name":99},{"id":110,"name":111,"tactic":166},{"name":108},{"id":114,"name":115,"tactic":168},{"name":108},{"id":118,"name":119,"tactic":170},{"name":108},{"id":105,"name":106,"tactic":172},{"name":108},{"id":122,"name":123,"tactic":174},{"name":108},{"id":176,"name":177,"tactics":178,"countermeasures":184},"T1574.007","Path Interception by PATH Environment Variable",[179,180,181,182,183],{"id":138,"name":139},{"id":141,"name":142},{"id":40,"name":41},{"id":43,"name":44},{"id":146,"name":147},[185,187,189,191,193,195,197,199,201,203,205,207,209,211,213],{"id":52,"name":53,"tactic":186},{"name":55},{"id":57,"name":58,"tactic":188},{"name":55},{"id":61,"name":62,"tactic":190},{"name":55},{"id":65,"name":66,"tactic":192},{"name":55},{"id":69,"name":70,"tactic":194},{"name":72},{"id":78,"name":79,"tactic":196},{"name":81},{"id":92,"name":93,"tactic":198},{"name":86},{"id":101,"name":102,"tactic":200},{"name":99},{"id":110,"name":111,"tactic":202},{"name":108},{"id":114,"name":115,"tactic":204},{"name":108},{"id":118,"name":119,"tactic":206},{"name":108},{"id":105,"name":106,"tactic":208},{"name":108},{"id":122,"name":123,"tactic":210},{"name":108},{"id":126,"name":127,"tactic":212},{"name":108},{"id":130,"name":131,"tactic":214},{"name":108},{"id":216,"name":217,"techniques":218},"CAPEC-169","Footprinting",[219,227,235],{"id":220,"name":221,"tactics":222,"countermeasures":226},"T1217","Browser Information Discovery",[223],{"id":224,"name":225},"TA0102","Discovery",[],{"id":228,"name":229,"tactics":230,"countermeasures":234},"T1592","Gather Victim Host Information",[231],{"id":232,"name":233},"TA0043","Reconnaissance",[],{"id":236,"name":237,"tactics":238,"countermeasures":240},"T1595","Active Scanning",[239],{"id":232,"name":233},[],{"id":242,"name":243,"techniques":244},"CAPEC-22","Exploiting Trust in Client",[],{"id":246,"name":247,"techniques":248},"CAPEC-224","Fingerprinting",[],{"id":250,"name":251,"techniques":252},"CAPEC-285","ICMP Echo Request Ping",[],{"id":254,"name":255,"techniques":256},"CAPEC-287","TCP SYN Scan",[],{"id":258,"name":259,"techniques":260},"CAPEC-290","Enumerate Mail Exchange (MX) Records",[],{"id":262,"name":263,"techniques":264},"CAPEC-291","DNS Zone Transfers",[],{"id":266,"name":267,"techniques":268},"CAPEC-292","Host Discovery",[269],{"id":270,"name":271,"tactics":272,"countermeasures":274},"T1018","Remote System Discovery",[273],{"id":224,"name":225},[275,279,281,283,285,289,293,297,301,305,309,313,317,321,323,325,327,329,333,335,337,339,341,343,347,349,351],{"id":276,"name":277,"tactic":278},"D3-SCA","System Call Analysis",{"name":55},{"id":150,"name":151,"tactic":280},{"name":55},{"id":52,"name":53,"tactic":282},{"name":55},{"id":57,"name":58,"tactic":284},{"name":55},{"id":286,"name":287,"tactic":288},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":55},{"id":290,"name":291,"tactic":292},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":55},{"id":294,"name":295,"tactic":296},"D3-CSPP","Client-server Payload Profiling",{"name":55},{"id":298,"name":299,"tactic":300},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":55},{"id":302,"name":303,"tactic":304},"D3-NTSA","Network Traffic Signature Analysis",{"name":55},{"id":306,"name":307,"tactic":308},"D3-APCA","Application Protocol Command Analysis",{"name":55},{"id":310,"name":311,"tactic":312},"D3-NTCD","Network Traffic Community Deviation",{"name":55},{"id":314,"name":315,"tactic":316},"D3-RTSD","Remote Terminal Session Detection",{"name":55},{"id":318,"name":319,"tactic":320},"D3-PSA","Process Spawn Analysis",{"name":55},{"id":69,"name":70,"tactic":322},{"name":72},{"id":78,"name":79,"tactic":324},{"name":81},{"id":92,"name":93,"tactic":326},{"name":86},{"id":101,"name":102,"tactic":328},{"name":99},{"id":330,"name":331,"tactic":332},"D3-SCF","System Call Filtering",{"name":108},{"id":110,"name":111,"tactic":334},{"name":108},{"id":114,"name":115,"tactic":336},{"name":108},{"id":118,"name":119,"tactic":338},{"name":108},{"id":105,"name":106,"tactic":340},{"name":108},{"id":122,"name":123,"tactic":342},{"name":108},{"id":344,"name":345,"tactic":346},"D3-NTF","Network Traffic Filtering",{"name":108},{"id":126,"name":127,"tactic":348},{"name":108},{"id":130,"name":131,"tactic":350},{"name":108},{"id":352,"name":353,"tactic":354},"D3-HBPI","Hardware-based Process Isolation",{"name":108},{"id":356,"name":357,"techniques":358},"CAPEC-293","Traceroute Route Enumeration",[],{"id":360,"name":361,"techniques":362},"CAPEC-294","ICMP Address Mask Request",[],{"id":364,"name":365,"techniques":366},"CAPEC-295","Timestamp Request",[367],{"id":368,"name":369,"tactics":370,"countermeasures":372},"T1124","System Time Discovery",[371],{"id":224,"name":225},[373,375,377,379,381,383],{"id":276,"name":277,"tactic":374},{"name":55},{"id":318,"name":319,"tactic":376},{"name":55},{"id":330,"name":331,"tactic":378},{"name":108},{"id":126,"name":127,"tactic":380},{"name":108},{"id":130,"name":131,"tactic":382},{"name":108},{"id":352,"name":353,"tactic":384},{"name":108},{"id":386,"name":387,"techniques":388},"CAPEC-296","ICMP Information Request",[],{"id":390,"name":391,"techniques":392},"CAPEC-297","TCP ACK Ping",[],{"id":394,"name":395,"techniques":396},"CAPEC-298","UDP Ping",[],{"id":398,"name":399,"techniques":400},"CAPEC-299","TCP SYN Ping",[],{"id":402,"name":403,"techniques":404},"CAPEC-300","Port Scanning",[405],{"id":406,"name":407,"tactics":408,"countermeasures":410},"T1046","Network Service Discovery",[409],{"id":224,"name":225},[],{"id":412,"name":413,"techniques":414},"CAPEC-301","TCP Connect Scan",[],{"id":416,"name":417,"techniques":418},"CAPEC-302","TCP FIN Scan",[],{"id":420,"name":421,"techniques":422},"CAPEC-303","TCP Xmas Scan",[],{"id":424,"name":425,"techniques":426},"CAPEC-304","TCP Null Scan",[],{"id":428,"name":429,"techniques":430},"CAPEC-305","TCP ACK Scan",[],{"id":432,"name":433,"techniques":434},"CAPEC-306","TCP Window Scan",[],{"id":436,"name":437,"techniques":438},"CAPEC-307","TCP RPC Scan",[],{"id":440,"name":441,"techniques":442},"CAPEC-308","UDP Scan",[],{"id":444,"name":445,"techniques":446},"CAPEC-309","Network Topology Mapping",[447,491,501],{"id":448,"name":449,"tactics":450,"countermeasures":452},"T1016","System Network Configuration Discovery",[451],{"id":224,"name":225},[453,455,457,459,461,463,465,467,469,471,473,475,477,479,481,483,485,487,489],{"id":52,"name":53,"tactic":454},{"name":55},{"id":57,"name":58,"tactic":456},{"name":55},{"id":61,"name":62,"tactic":458},{"name":55},{"id":65,"name":66,"tactic":460},{"name":55},{"id":276,"name":277,"tactic":462},{"name":55},{"id":318,"name":319,"tactic":464},{"name":55},{"id":69,"name":70,"tactic":466},{"name":72},{"id":78,"name":79,"tactic":468},{"name":81},{"id":92,"name":93,"tactic":470},{"name":86},{"id":101,"name":102,"tactic":472},{"name":99},{"id":110,"name":111,"tactic":474},{"name":108},{"id":114,"name":115,"tactic":476},{"name":108},{"id":118,"name":119,"tactic":478},{"name":108},{"id":105,"name":106,"tactic":480},{"name":108},{"id":122,"name":123,"tactic":482},{"name":108},{"id":126,"name":127,"tactic":484},{"name":108},{"id":130,"name":131,"tactic":486},{"name":108},{"id":330,"name":331,"tactic":488},{"name":108},{"id":352,"name":353,"tactic":490},{"name":108},{"id":492,"name":493,"tactics":494,"countermeasures":496},"T1049","System Network Connections Discovery",[495],{"id":224,"name":225},[497,499],{"id":276,"name":277,"tactic":498},{"name":55},{"id":330,"name":331,"tactic":500},{"name":108},{"id":502,"name":503,"tactics":504,"countermeasures":506},"T1590","Gather Victim Network Information",[505],{"id":232,"name":233},[],{"id":508,"name":509,"techniques":510},"CAPEC-310","Scanning for Vulnerable Software",[],{"id":512,"name":513,"techniques":514},"CAPEC-312","Active OS Fingerprinting",[515],{"id":516,"name":517,"tactics":518,"countermeasures":520},"T1082","System Information Discovery",[519],{"id":224,"name":225},[521,523,525,529,531,533,535],{"id":276,"name":277,"tactic":522},{"name":55},{"id":318,"name":319,"tactic":524},{"name":55},{"id":526,"name":527,"tactic":528},"D3-DE","Decoy Environment",{"name":81},{"id":330,"name":331,"tactic":530},{"name":108},{"id":126,"name":127,"tactic":532},{"name":108},{"id":130,"name":131,"tactic":534},{"name":108},{"id":352,"name":353,"tactic":536},{"name":108},{"id":538,"name":539,"techniques":540},"CAPEC-313","Passive OS Fingerprinting",[541],{"id":516,"name":517,"tactics":542,"countermeasures":544},[543],{"id":224,"name":225},[545,547,549,551,553,555,557],{"id":276,"name":277,"tactic":546},{"name":55},{"id":318,"name":319,"tactic":548},{"name":55},{"id":526,"name":527,"tactic":550},{"name":81},{"id":330,"name":331,"tactic":552},{"name":108},{"id":126,"name":127,"tactic":554},{"name":108},{"id":130,"name":131,"tactic":556},{"name":108},{"id":352,"name":353,"tactic":558},{"name":108},{"id":560,"name":561,"techniques":562},"CAPEC-317","IP ID Sequencing Probe",[],{"id":564,"name":565,"techniques":566},"CAPEC-318","IP 'ID' Echoed Byte-Order Probe",[],{"id":568,"name":569,"techniques":570},"CAPEC-319","IP (DF) 'Don't Fragment Bit' Echoing Probe",[],{"id":572,"name":573,"techniques":574},"CAPEC-320","TCP Timestamp Probe",[],{"id":576,"name":577,"techniques":578},"CAPEC-321","TCP Sequence Number Probe",[],{"id":580,"name":581,"techniques":582},"CAPEC-322","TCP (ISN) Greatest Common Divisor Probe",[],{"id":584,"name":585,"techniques":586},"CAPEC-323","TCP (ISN) Counter Rate Probe",[],{"id":588,"name":589,"techniques":590},"CAPEC-324","TCP (ISN) Sequence Predictability Probe",[],{"id":592,"name":593,"techniques":594},"CAPEC-325","TCP Congestion Control Flag (ECN) Probe",[],{"id":596,"name":597,"techniques":598},"CAPEC-326","TCP Initial Window Size Probe",[],{"id":600,"name":601,"techniques":602},"CAPEC-327","TCP Options Probe",[],{"id":604,"name":605,"techniques":606},"CAPEC-328","TCP 'RST' Flag Checksum Probe",[],{"id":608,"name":609,"techniques":610},"CAPEC-329","ICMP Error Message Quoting Probe",[],{"id":612,"name":613,"techniques":614},"CAPEC-330","ICMP Error Message Echoing Integrity Probe",[],{"id":616,"name":617,"techniques":618},"CAPEC-472","Browser Fingerprinting",[],{"id":620,"name":621,"techniques":622},"CAPEC-497","File Discovery",[623],{"id":624,"name":625,"tactics":626,"countermeasures":628},"T1083","File and Directory Discovery",[627],{"id":224,"name":225},[629,631,633,635,637,639,641,643,645,647,649],{"id":52,"name":53,"tactic":630},{"name":55},{"id":57,"name":58,"tactic":632},{"name":55},{"id":69,"name":70,"tactic":634},{"name":72},{"id":78,"name":79,"tactic":636},{"name":81},{"id":92,"name":93,"tactic":638},{"name":86},{"id":101,"name":102,"tactic":640},{"name":99},{"id":114,"name":115,"tactic":642},{"name":108},{"id":110,"name":111,"tactic":644},{"name":108},{"id":118,"name":119,"tactic":646},{"name":108},{"id":105,"name":106,"tactic":648},{"name":108},{"id":122,"name":123,"tactic":650},{"name":108},{"id":652,"name":653,"techniques":654},"CAPEC-508","Shoulder Surfing",[],{"id":656,"name":657,"techniques":658},"CAPEC-573","Process Footprinting",[659],{"id":660,"name":661,"tactics":662,"countermeasures":664},"T1057","Process Discovery",[663],{"id":224,"name":225},[665,667,669,671,673,675],{"id":276,"name":277,"tactic":666},{"name":55},{"id":318,"name":319,"tactic":668},{"name":55},{"id":330,"name":331,"tactic":670},{"name":108},{"id":126,"name":127,"tactic":672},{"name":108},{"id":130,"name":131,"tactic":674},{"name":108},{"id":352,"name":353,"tactic":676},{"name":108},{"id":678,"name":679,"techniques":680},"CAPEC-574","Services Footprinting",[681],{"id":682,"name":683,"tactics":684,"countermeasures":686},"T1007","System Service Discovery",[685],{"id":224,"name":225},[687,689,691,693,695,697],{"id":276,"name":277,"tactic":688},{"name":55},{"id":318,"name":319,"tactic":690},{"name":55},{"id":330,"name":331,"tactic":692},{"name":108},{"id":126,"name":127,"tactic":694},{"name":108},{"id":130,"name":131,"tactic":696},{"name":108},{"id":352,"name":353,"tactic":698},{"name":108},{"id":700,"name":701,"techniques":702},"CAPEC-575","Account Footprinting",[703],{"id":704,"name":705,"tactics":706,"countermeasures":708},"T1087","Account Discovery",[707],{"id":224,"name":225},[709,713,717,721,725,729,733,737,741],{"id":710,"name":711,"tactic":712},"D3-AM","Access Modeling",{"name":50},{"id":714,"name":715,"tactic":716},"D3-LAM","Local Account Monitoring",{"name":55},{"id":718,"name":719,"tactic":720},"D3-DAM","Domain Account Monitoring",{"name":55},{"id":722,"name":723,"tactic":724},"D3-AL","Account Locking",{"name":72},{"id":726,"name":727,"tactic":728},"D3-AA","Agent Authentication",{"name":86},{"id":730,"name":731,"tactic":732},"D3-CDP","Change Default Password",{"name":86},{"id":734,"name":735,"tactic":736},"D3-ULA","Unlock Account",{"name":99},{"id":738,"name":739,"tactic":740},"D3-RUAA","Restore User Account Access",{"name":99},{"id":742,"name":743,"tactic":744},"D3-UAP","User Account Permissions",{"name":108},{"id":746,"name":747,"techniques":748},"CAPEC-576","Group Permission Footprinting",[749,755],{"id":750,"name":751,"tactics":752,"countermeasures":754},"T1069","Permission Groups Discovery",[753],{"id":224,"name":225},[],{"id":756,"name":757,"tactics":758,"countermeasures":760},"T1615","Group Policy Discovery",[759],{"id":224,"name":225},[761,763,767,769],{"id":47,"name":48,"tactic":762},{"name":50},{"id":764,"name":765,"tactic":766},"D3-NTPM","Network Traffic Policy Mapping",{"name":50},{"id":710,"name":711,"tactic":768},{"name":50},{"id":96,"name":97,"tactic":770},{"name":99},{"id":772,"name":773,"techniques":774},"CAPEC-577","Owner Footprinting",[775],{"id":776,"name":777,"tactics":778,"countermeasures":780},"T1033","System Owner/User Discovery",[779],{"id":224,"name":225},[781,785,787,789,791,795,799,801,803,807,811,815,819,821,823,827,831,833,837,839,841,843,845,847,849,853,855,859,863,867,869],{"id":782,"name":783,"tactic":784},"D3-DI","Data Inventory",{"name":50},{"id":52,"name":53,"tactic":786},{"name":55},{"id":57,"name":58,"tactic":788},{"name":55},{"id":276,"name":277,"tactic":790},{"name":55},{"id":792,"name":793,"tactic":794},"D3-PLA","Process Lineage Analysis",{"name":55},{"id":796,"name":797,"tactic":798},"D3-PSMD","Process Self-Modification Detection",{"name":55},{"id":318,"name":319,"tactic":800},{"name":55},{"id":69,"name":70,"tactic":802},{"name":72},{"id":804,"name":805,"tactic":806},"D3-PT","Process Termination",{"name":72},{"id":808,"name":809,"tactic":810},"D3-PS","Process Suspension",{"name":72},{"id":812,"name":813,"tactic":814},"D3-HR","Host Reboot",{"name":72},{"id":816,"name":817,"tactic":818},"D3-HS","Host Shutdown",{"name":72},{"id":78,"name":79,"tactic":820},{"name":81},{"id":92,"name":93,"tactic":822},{"name":86},{"id":824,"name":825,"tactic":826},"D3-PSEP","Process Segment Execution Prevention",{"name":86},{"id":828,"name":829,"tactic":830},"D3-SAOR","Segment Address Offset Randomization",{"name":86},{"id":101,"name":102,"tactic":832},{"name":99},{"id":834,"name":835,"tactic":836},"D3-RD","Restore Database",{"name":99},{"id":110,"name":111,"tactic":838},{"name":108},{"id":114,"name":115,"tactic":840},{"name":108},{"id":118,"name":119,"tactic":842},{"name":108},{"id":105,"name":106,"tactic":844},{"name":108},{"id":122,"name":123,"tactic":846},{"name":108},{"id":330,"name":331,"tactic":848},{"name":108},{"id":850,"name":851,"tactic":852},"D3-KBPI","Kernel-based Process Isolation",{"name":108},{"id":352,"name":353,"tactic":854},{"name":108},{"id":856,"name":857,"tactic":858},"D3-ABPI","Application-based Process Isolation",{"name":108},{"id":860,"name":861,"tactic":862},"D3-WSAM","Web Session Access Mediation",{"name":108},{"id":864,"name":865,"tactic":866},"D3-DTP","Domain Trust Policy",{"name":108},{"id":126,"name":127,"tactic":868},{"name":108},{"id":130,"name":131,"tactic":870},{"name":108},{"id":872,"name":873,"techniques":874},"CAPEC-59","Session Credential Falsification through Prediction",[],{"id":876,"name":877,"techniques":878},"CAPEC-60","Reusing Session IDs (aka Session Replay)",[879,931],{"id":880,"name":881,"tactics":882,"countermeasures":886},"T1134.001","Token Impersonation/Theft",[883,884,885],{"id":40,"name":41},{"id":43,"name":44},{"id":141,"name":142},[887,891,895,899,903,907,911,915,919,923,927],{"id":888,"name":889,"tactic":890},"D3-CCSA","Credential Compromise Scope Analysis",{"name":55},{"id":892,"name":893,"tactic":894},"D3-CR","Credential Revocation",{"name":72},{"id":896,"name":897,"tactic":898},"D3-ANCI","Authentication Cache Invalidation",{"name":72},{"id":900,"name":901,"tactic":902},"D3-DUC","Decoy User Credential",{"name":81},{"id":904,"name":905,"tactic":906},"D3-CH","Credential Hardening",{"name":86},{"id":908,"name":909,"tactic":910},"D3-MFA","Multi-factor Authentication",{"name":86},{"id":912,"name":913,"tactic":914},"D3-CRO","Credential Rotation",{"name":86},{"id":916,"name":917,"tactic":918},"D3-TB","Token Binding",{"name":86},{"id":920,"name":921,"tactic":922},"D3-TBA","Token-based Authentication",{"name":86},{"id":924,"name":925,"tactic":926},"D3-RIC","Reissue Credential",{"name":99},{"id":928,"name":929,"tactic":930},"D3-CTS","Credential Transmission Scoping",{"name":108},{"id":932,"name":933,"tactics":934,"countermeasures":939},"T1550.004","Web Session Cookie",[935,936],{"id":40,"name":41},{"id":937,"name":938},"TA0109","Lateral Movement",[940,942,944,946,948,950,952,954,956,958,960,962,964,966,968,970,972,974,976,978,980,982,984,986,988,990,992,994,996,998],{"id":286,"name":287,"tactic":941},{"name":55},{"id":290,"name":291,"tactic":943},{"name":55},{"id":294,"name":295,"tactic":945},{"name":55},{"id":298,"name":299,"tactic":947},{"name":55},{"id":302,"name":303,"tactic":949},{"name":55},{"id":306,"name":307,"tactic":951},{"name":55},{"id":310,"name":311,"tactic":953},{"name":55},{"id":314,"name":315,"tactic":955},{"name":55},{"id":792,"name":793,"tactic":957},{"name":55},{"id":796,"name":797,"tactic":959},{"name":55},{"id":318,"name":319,"tactic":961},{"name":55},{"id":888,"name":889,"tactic":963},{"name":55},{"id":804,"name":805,"tactic":965},{"name":72},{"id":808,"name":809,"tactic":967},{"name":72},{"id":812,"name":813,"tactic":969},{"name":72},{"id":816,"name":817,"tactic":971},{"name":72},{"id":892,"name":893,"tactic":973},{"name":72},{"id":896,"name":897,"tactic":975},{"name":72},{"id":900,"name":901,"tactic":977},{"name":81},{"id":904,"name":905,"tactic":979},{"name":86},{"id":908,"name":909,"tactic":981},{"name":86},{"id":912,"name":913,"tactic":983},{"name":86},{"id":924,"name":925,"tactic":985},{"name":99},{"id":344,"name":345,"tactic":987},{"name":108},{"id":850,"name":851,"tactic":989},{"name":108},{"id":330,"name":331,"tactic":991},{"name":108},{"id":352,"name":353,"tactic":993},{"name":108},{"id":856,"name":857,"tactic":995},{"name":108},{"id":860,"name":861,"tactic":997},{"name":108},{"id":928,"name":929,"tactic":999},{"name":108},{"id":1001,"name":1002,"techniques":1003},"CAPEC-616","Establish Rogue Location",[1004],{"id":1005,"name":1006,"tactics":1007,"countermeasures":1010},"T1036.005","Match Legitimate Resource Name or Location",[1008,1009],{"id":40,"name":41},{"id":43,"name":44},[1011,1013,1015,1017,1019,1021,1023,1025,1027,1029,1031,1033,1035],{"id":276,"name":277,"tactic":1012},{"name":55},{"id":52,"name":53,"tactic":1014},{"name":55},{"id":57,"name":58,"tactic":1016},{"name":55},{"id":69,"name":70,"tactic":1018},{"name":72},{"id":78,"name":79,"tactic":1020},{"name":81},{"id":92,"name":93,"tactic":1022},{"name":86},{"id":101,"name":102,"tactic":1024},{"name":99},{"id":330,"name":331,"tactic":1026},{"name":108},{"id":110,"name":111,"tactic":1028},{"name":108},{"id":114,"name":115,"tactic":1030},{"name":108},{"id":118,"name":119,"tactic":1032},{"name":108},{"id":105,"name":106,"tactic":1034},{"name":108},{"id":122,"name":123,"tactic":1036},{"name":108},{"id":1038,"name":1039,"techniques":1040},"CAPEC-643","Identify Shared Files/Directories on System",[1041],{"id":1042,"name":1043,"tactics":1044,"countermeasures":1046},"T1135","Network Share Discovery",[1045],{"id":224,"name":225},[],{"id":1048,"name":1049,"techniques":1050},"CAPEC-646","Peripheral Footprinting",[1051],{"id":1052,"name":1053,"tactics":1054,"countermeasures":1056},"T1120","Peripheral Device Discovery",[1055],{"id":224,"name":225},[],{"id":1058,"name":1059,"techniques":1060},"CAPEC-651","Eavesdropping",[1061],{"id":1062,"name":1063,"tactics":1064,"countermeasures":1068},"T1111","Multi-Factor Authentication Interception",[1065],{"id":1066,"name":1067},"TA0031","Credential Access",[1069,1073],{"id":1070,"name":1071,"tactic":1072},"D3-HCI","Hardware Component Inventory",{"name":50},{"id":1074,"name":1075,"tactic":1076},"D3-RH","Radiation Hardening",{"name":86},{"id":1078,"name":1079,"techniques":1080},"CAPEC-79","Using Slashes in Alternate Encoding",[],[],[1083],"GHSA-xfqh-7356-vqjj",[],[1086,1088,1090,1092,1094],{"_key":1087},"RHSA-2019:3048",{"_key":1089},"RHSA-2019:3049",{"_key":1091},"RHSA-2019:3044",{"_key":1093},"RHSA-2019:3045",{"_key":1095},"RHSA-2019:3046",[],[],"2020-01-08T14:50:44.000Z","2024-08-05T00:26:39.126Z","Modified",{"cisa_kev":1102,"cisa_ransomware":1102,"cisa_vendor":9,"epss_severity":1103,"epss_score":1104,"severity":1105,"severity_score":1106,"severity_version":1107,"severity_source":1108,"severity_vector":1109,"severity_status":1100},false,"low",0.0031,"medium",4.3,"v3.0","cve.org","CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",[1111,1122],{"url":1112,"sources":1113,"tags":1116},"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14820",[1108,1114,1115],"nvd","osv_maven",[1117,1118,1119,1120,1121],"X Refsource CONFIRM","Issue Tracking","Patch","Third Party Advisory","WEB",{"url":1123,"sources":1124,"tags":1125},"https://nvd.nist.gov/vuln/detail/CVE-2019-14820",[1115],[1126],"Advisory",[],{"date":1129,"score":1104,"percentile":1130},"2026-06-04",0.54489,[1132,1135,1138,1141,1144,1147,1149,1152,1155,1158,1161,1164,1167,1169,1172,1176,1179,1182,1184,1187,1190,1193,1196,1199,1202,1205,1208,1211,1214,1217,1220,1223,1226,1228,1231,1233,1235,1238,1241,1244,1247,1250,1252,1255,1258,1261,1264,1267,1270,1273,1276,1278,1281,1284,1287,1290,1292,1294,1296,1299,1302,1305,1308,1311,1314,1317,1319,1321,1324,1326,1329,1331,1334,1337,1340,1342,1344,1346,1349,1351,1354,1357,1359,1362,1365,1368,1370,1373,1376,1379],{"date":1133,"score":1104,"percentile":1134},"2025-11-04",0.53713,{"date":1136,"score":1104,"percentile":1137},"2025-11-05",0.53675,{"date":1139,"score":1104,"percentile":1140},"2025-11-06",0.53691,{"date":1142,"score":1104,"percentile":1143},"2025-11-07",0.53716,{"date":1145,"score":1104,"percentile":1146},"2025-11-08",0.53718,{"date":1148,"score":1104,"percentile":1143},"2025-11-09",{"date":1150,"score":1104,"percentile":1151},"2025-11-10",0.5369,{"date":1153,"score":1104,"percentile":1154},"2025-11-11",0.53703,{"date":1156,"score":1104,"percentile":1157},"2025-11-12",0.53731,{"date":1159,"score":1104,"percentile":1160},"2025-11-13",0.53739,{"date":1162,"score":1104,"percentile":1163},"2025-11-14",0.5374,{"date":1165,"score":1104,"percentile":1166},"2025-11-15",0.53735,{"date":1168,"score":1104,"percentile":1143},"2025-11-16",{"date":1170,"score":1104,"percentile":1171},"2025-11-17",0.53699,{"date":1173,"score":1174,"percentile":1175},"2025-11-18",0.00182,0.3523,{"date":1177,"score":1174,"percentile":1178},"2025-11-19",0.35239,{"date":1180,"score":1174,"percentile":1181},"2025-11-20",0.35226,{"date":1183,"score":1104,"percentile":1143},"2025-11-21",{"date":1185,"score":1104,"percentile":1186},"2025-11-22",0.53714,{"date":1188,"score":1104,"percentile":1189},"2025-11-23",0.53674,{"date":1191,"score":1104,"percentile":1192},"2025-11-24",0.53665,{"date":1194,"score":1104,"percentile":1195},"2025-11-25",0.53673,{"date":1197,"score":1104,"percentile":1198},"2025-11-26",0.53676,{"date":1200,"score":1104,"percentile":1201},"2025-11-27",0.53681,{"date":1203,"score":1104,"percentile":1204},"2025-11-28",0.53654,{"date":1206,"score":1104,"percentile":1207},"2025-11-29",0.53637,{"date":1209,"score":1104,"percentile":1210},"2025-11-30",0.53631,{"date":1212,"score":1104,"percentile":1213},"2025-12-01",0.53781,{"date":1215,"score":1104,"percentile":1216},"2025-12-02",0.53797,{"date":1218,"score":1104,"percentile":1219},"2025-12-03",0.53793,{"date":1221,"score":1104,"percentile":1222},"2025-12-04",0.5364,{"date":1224,"score":1104,"percentile":1225},"2025-12-05",0.53659,{"date":1227,"score":1104,"percentile":1225},"2025-12-06",{"date":1229,"score":1104,"percentile":1230},"2025-12-07",0.53649,{"date":1232,"score":1104,"percentile":1230},"2025-12-08",{"date":1234,"score":1104,"percentile":1192},"2025-12-09",{"date":1236,"score":1104,"percentile":1237},"2025-12-10",0.53723,{"date":1239,"score":1104,"percentile":1240},"2025-12-11",0.53745,{"date":1242,"score":1104,"percentile":1243},"2025-12-12",0.53772,{"date":1245,"score":1104,"percentile":1246},"2025-12-13",0.53768,{"date":1248,"score":1104,"percentile":1249},"2025-12-14",0.53757,{"date":1251,"score":1104,"percentile":1240},"2025-12-15",{"date":1253,"score":1104,"percentile":1254},"2025-12-16",0.53758,{"date":1256,"score":1104,"percentile":1257},"2025-12-17",0.5378,{"date":1259,"score":1104,"percentile":1260},"2025-12-18",0.53818,{"date":1262,"score":1104,"percentile":1263},"2025-12-19",0.5382,{"date":1265,"score":1104,"percentile":1266},"2025-12-20",0.53808,{"date":1268,"score":1104,"percentile":1269},"2025-12-21",0.53789,{"date":1271,"score":1104,"percentile":1272},"2025-12-22",0.53767,{"date":1274,"score":1104,"percentile":1275},"2025-12-23",0.53769,{"date":1277,"score":1104,"percentile":1257},"2025-12-24",{"date":1279,"score":1104,"percentile":1280},"2025-12-25",0.53827,{"date":1282,"score":1104,"percentile":1283},"2025-12-26",0.53821,{"date":1285,"score":1104,"percentile":1286},"2025-12-27",0.53871,{"date":1288,"score":1104,"percentile":1289},"2025-12-28",0.53799,{"date":1291,"score":1104,"percentile":1257},"2025-12-29",{"date":1293,"score":1104,"percentile":1243},"2025-12-30",{"date":1295,"score":1104,"percentile":1269},"2025-12-31",{"date":1297,"score":1104,"percentile":1298},"2026-01-01",0.53954,{"date":1300,"score":1104,"percentile":1301},"2026-01-02",0.53934,{"date":1303,"score":1104,"percentile":1304},"2026-01-03",0.53927,{"date":1306,"score":1104,"percentile":1307},"2026-01-04",0.53761,{"date":1309,"score":1104,"percentile":1310},"2026-01-05",0.53747,{"date":1312,"score":1104,"percentile":1313},"2026-01-06",0.53753,{"date":1315,"score":1104,"percentile":1316},"2026-01-07",0.53778,{"date":1318,"score":1104,"percentile":1289},"2026-01-08",{"date":1320,"score":1104,"percentile":1219},"2026-01-09",{"date":1322,"score":1104,"percentile":1323},"2026-01-10",0.53792,{"date":1325,"score":1104,"percentile":1243},"2026-01-11",{"date":1327,"score":1104,"percentile":1328},"2026-01-12",0.53724,{"date":1330,"score":1104,"percentile":1154},"2026-01-13",{"date":1332,"score":1104,"percentile":1333},"2026-01-14",0.53746,{"date":1335,"score":1104,"percentile":1336},"2026-01-15",0.53749,{"date":1338,"score":1104,"percentile":1339},"2026-01-16",0.53771,{"date":1341,"score":1104,"percentile":1254},"2026-01-17",{"date":1343,"score":1104,"percentile":1333},"2026-01-18",{"date":1345,"score":1104,"percentile":1160},"2026-01-19",{"date":1347,"score":1104,"percentile":1348},"2026-01-20",0.53742,{"date":1350,"score":1104,"percentile":1310},"2026-01-21",{"date":1352,"score":1104,"percentile":1353},"2026-01-22",0.53754,{"date":1355,"score":1104,"percentile":1356},"2026-01-23",0.53798,{"date":1358,"score":1104,"percentile":1356},"2026-01-24",{"date":1360,"score":1104,"percentile":1361},"2026-01-25",0.53756,{"date":1363,"score":1104,"percentile":1364},"2026-01-26",0.53741,{"date":1366,"score":1104,"percentile":1367},"2026-01-27",0.53752,{"date":1369,"score":1104,"percentile":1275},"2026-01-28",{"date":1371,"score":1104,"percentile":1372},"2026-01-29",0.53765,{"date":1374,"score":1104,"percentile":1375},"2026-01-30",0.5377,{"date":1377,"score":1104,"percentile":1378},"2026-01-31",0.53777,{"date":1380,"score":1104,"percentile":1381},"2026-02-01",0.53916,[1383,1388,1397],{"source":1108,"cvss_v2_0":9,"cvss_v3_0":1384,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":1106,"baseSeverity":1385,"vectorString":1109,"impactScore":1386,"exploitabilityScore":1387},"MEDIUM",2.3,7.2,{"source":1114,"cvss_v2_0":1389,"cvss_v3_0":1394,"cvss_v3_1":1395,"cvss_v4_0":9},{"baseScore":1390,"baseSeverity":9,"vectorString":1391,"impactScore":1392,"exploitabilityScore":1393},4,"AV:N/AC:L/Au:S/C:P/I:N/A:N",2.9,8,{"baseScore":1106,"baseSeverity":1385,"vectorString":1109,"impactScore":1386,"exploitabilityScore":1387},{"baseScore":1106,"baseSeverity":1385,"vectorString":1396,"impactScore":1386,"exploitabilityScore":1387},"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",{"source":1115,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":1398,"cvss_v4_0":9},{"baseScore":1106,"baseSeverity":9,"vectorString":1396,"impactScore":1386,"exploitabilityScore":1387},[1400,1407,1420,1430,1436,1440],{"ecosystem":9,"name":1401,"vendor":1401,"product":1401,"cpe_part":1402,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1403},"keycloak","a",[1404],{"version":1405,"is_range":1102,"range_type":1108,"version_start":1405,"version_start_type":1406,"version_end":1405,"version_end_type":1406,"fixed_in":9},"fixed in 8.0.0","including",{"ecosystem":1408,"name":1409,"vendor":1410,"product":1411,"cpe_part":9,"purl_type":1412,"purl_namespace":1410,"purl_name":1411,"source":9,"versions":1413},"Maven","org.keycloak:keycloak-core","org.keycloak","keycloak-core","maven",[1414],{"version":1415,"is_range":1416,"range_type":1417,"version_start":9,"version_start_type":9,"version_end":1418,"version_end_type":1419,"fixed_in":9},"lt8_0_0",true,"ecosystem","8.0.0","excluding",{"ecosystem":9,"name":1421,"vendor":1422,"product":1423,"cpe_part":1402,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1424},"jboss enterprise application platform","redhat","jboss_enterprise_application_platform",[1425,1428],{"version":1426,"is_range":1102,"range_type":1427,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.4.0","cpe",{"version":1429,"is_range":1102,"range_type":1427,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.2.0",{"ecosystem":9,"name":1431,"vendor":1422,"product":1432,"cpe_part":1402,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1433},"jboss fuse","jboss_fuse",[1434],{"version":1435,"is_range":1102,"range_type":1427,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0.0",{"ecosystem":9,"name":1401,"vendor":1422,"product":1401,"cpe_part":1402,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1437},[1438],{"version":1439,"is_range":1416,"range_type":1427,"version_start":9,"version_start_type":9,"version_end":1418,"version_end_type":1419,"fixed_in":9},"lt8.0.0",{"ecosystem":9,"name":1441,"vendor":1422,"product":1442,"cpe_part":1402,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1443},"single sign-on","single_sign-on",[1444],{"version":1445,"is_range":1102,"range_type":1427,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.3"]