From this webpage screenshot, the following key information about the vulnerability can be obtained:

1. Vulnerability ID: Bug 2301876 (CVE-2024-7318)
2. Vulnerability Name: keycloak-core: One Time Passcode (OTP) is valid longer than expiration time
3. Vulnerability Description: A vulnerability was discovered where expired OTP codes in Keycloak can still be used when using FreeOTP, especially when the OTP token period is set to 30 seconds (default). In practice, these tokens remain valid for 30 seconds after expiration, totaling 1 minute. This expands the attack window, allowing malicious attackers to exploit the vulnerability to abuse the system and steal accounts.
4. Vulnerability Type: Security Vulnerability
5. Vulnerability Severity: Low
6. Report Date: July 31, 2024
7. Fixed Version: Not specified
8. Affected Product: Not specified
9. Affected Hardware: All
10. Affected Operating System: Linux
11. Priority: Low
12. Status: New
13. Reporter: Patrick Del Bello
14. Fix Date: September 9, 2024
15. Fix Description: Fixed the issue where expired OTP codes remained usable under the default OTP policy settings. Specifically, fixed the problem where OTP tokens, when set to a 30-second period, remained valid for 30 seconds after expiration (totaling 1 minute) when used with FreeOTP.
16. Affected Product: Red Hat Product Errata
17. Affected Product Links: RHSA-2024:6502 and RHSA-2024:6503

This information helps understand the nature, scope of impact, and remediation status of the vulnerability.
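
An added illustration, not Keycloak's code and not part of the bug report: a generic RFC 6238 (TOTP) verifier that measures how long one code keeps verifying, showing that accepting a single previous time step turns a 30-second code into the 1-minute validity described above. The `look_behind` parameter, the function names, and the sample secret and timestamp are assumptions; the report does not state how Keycloak produces the extra window.

```python
import hashlib
import hmac
import struct

PERIOD = 30  # seconds; the default OTP token period named in the report


def totp(secret: bytes, step: int, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1) for one time-step counter."""
    mac = hmac.new(secret, struct.pack(">Q", step), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation offset (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret: bytes, code: str, now: int, look_behind: int) -> bool:
    """Accept the current time step plus `look_behind` earlier steps.

    look_behind is a hypothetical knob for this example: 0 is strict
    expiry, 1 also accepts the step that has just expired.
    """
    current = now // PERIOD
    return any(
        hmac.compare_digest(totp(secret, current - back), code)
        for back in range(look_behind + 1)
    )


def accepted_seconds(secret: bytes, issued_at: int, look_behind: int) -> int:
    """Count the seconds, from issue time on, in which the code still verifies."""
    code = totp(secret, issued_at // PERIOD)
    return sum(
        verify(secret, code, issued_at + dt, look_behind)
        for dt in range(4 * PERIOD)
    )


SECRET = b"12345678901234567890"  # constructed sample: the RFC 6238 test key
ISSUED = 1_700_000_010            # constructed timestamp on a 30 s boundary

if __name__ == "__main__":
    for window in (0, 1):
        secs = accepted_seconds(SECRET, ISSUED, window)
        print(f"look_behind={window}: code verifies for {secs} s")
```

When testing a deployment, the equivalent check is to submit a code after its displayed period has ended and confirm the server rejects it.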