What is the ForgeRock CNA?
ForgeRock is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 9 CVE records since 2022.
How many CVEs has ForgeRock published?
ForgeRock has published 9 CVE records, including 1 in the last two years.
What is ForgeRock's CVE data quality grade?
RadicalNotion.AI grades ForgeRock's CVE data quality as A, with an overall completeness score of 100%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (100%), and CWE (100%) information.
What products does ForgeRock publish CVEs for?
ForgeRock most frequently publishes CVEs for Access Management, LDAP Connector, Access Management Java Policy Agent, Access Management Web Policy Agent, java policy agents.
Which vendors does ForgeRock cover?
ForgeRock publishes CVEs across 3 distinct vendors, most often ForgeRock, ForgeRock Inc..
Is ForgeRock actively publishing CVEs?
ForgeRock is currently active, based on 1 CVEs in the last two years.
What is the average severity of ForgeRock's CVEs?
The average CVSS base score across ForgeRock's scored CVEs is 8.5.
How many critical CVEs has ForgeRock published?
ForgeRock has published 5 critical-severity CVEs and 3 high-severity CVEs.
Are any of ForgeRock's CVEs in CISA's Known Exploited Vulnerabilities catalog?
No. None of ForgeRock's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
What are the most common weakness types in ForgeRock's CVEs?
ForgeRock's CVEs most often map to these CWE weakness types: CWE-284 (Improper Access Control), CWE-23 (Relative Path Traversal), CWE-862 (Missing Authorization), CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor).
How does ForgeRock rank among CNAs?
By total CVE volume, ForgeRock ranks #319 of 370 CNAs, and it reports more complete CVE records than 60% of all CNAs.
