LogoLogo
Keeper Connection Manager
Keeper Connection Manager
  • Overview
  • Security Architecture
  • Installation
    • License Key
    • System Requirements
    • Preparing for Installation
    • Auto Docker Install
      • Service Management
      • Upgrading
      • Adding Packages
    • Docker Compose Install
      • keeper/guacamole
      • keeper/guacd
      • Database images
        • keeper/guacamole-db-mysql
        • keeper/guacamole-db-postgres
      • SSL Termination
        • keeper/guacamole-ssl-nginx
        • Using a Custom SSL Cert
      • Upgrading
    • Backup & Recovery
  • Authentication Options
    • SSO Auth (SAML)
      • Microsoft Azure
      • Okta
      • Google Workspace
      • OneLogin
      • Oracle
      • PingIdentity
    • 2FA with TOTP
    • 2FA with Duo
    • SSL/TLS Client Authentication
    • Multiple Hostnames
    • PIV/CAC/Smart cards
    • Account Approve/Deny Workflow
    • OpenID Connect Auth
    • LDAP Auth
      • Using Multiple LDAP Servers
      • Storing connection data within LDAP
      • Using LDAP with a database
  • Connection Protocols
    • RDP
    • SSH
    • VNC
    • Telnet
    • Remote Browser Isolation
    • Kubernetes
    • MySQL
      • Importing and Exporting
      • Keyboard Shortcuts
    • PostgreSQL
      • Importing and Exporting
      • Keyboard Shortcuts
    • Microsoft SQL Server
      • Importing and Exporting
      • Keyboard Shortcuts
    • Connecting to Host Instance
    • Persistent Reverse SSH Tunnel
      • AutoSSH as a Windows Service
      • Linux - AutoSSH
      • Windows - OpenSSH
  • How to Use KCM
    • Login Screen
    • Home Screen
    • Creating Connections
      • Batch Import and API
    • How to Use KCM
    • File Transfer Config
    • Sharing Connections
    • Session Recording and Playback
    • AWS EC2 Discovery
    • Credential Pass-Through
    • Dynamic Connections
    • Custom Branding
      • Add Your Logo
  • Vault Integration
    • Connecting KCM to your Vault
    • Dynamic Tokens
    • Static Tokens
    • Multiple Vaults Integration
    • EC2 Cloud Connector
    • Advanced
    • KeeperPAM
  • Custom Extensions
  • Guest Mode
  • Advanced Configuration
    • guacamole.properties
      • SAML 2.0 Authentication Configuration Properties
      • Duo Two-Factor Authentication Configuration Properties
      • Encrypted JSON Configuration Properties
      • LDAP Configuration Properties
      • MySQL / MariaDB Configuration Properties
      • PostgreSQL Configuration Properties
      • SQL Server Configuration Properties
      • Login Attempts Properties
  • Troubleshooting
  • Importing Connections
  • Exporting Connections
  • High Availability
  • Pre-Release Testing
  • Changelog
  • Licensing and Open Source
  • Scope of Support
  • Security Advisories
  • Accessibility Conformance
Powered by GitBook

Company

  • Keeper Home
  • About Us
  • Careers
  • Security

Support

  • Help Center
  • Contact Sales
  • System Status
  • Terms of Use

Solutions

  • Enterprise Password Management
  • Business Password Management
  • Privileged Access Management
  • Public Sector

Pricing

  • Business and Enterprise
  • Personal and Family
  • Student
  • Military and Medical

© 2025 Keeper Security, Inc.

On this page

Was this helpful?

Export as PDF

Security Advisories

Keeper Connection Manager Security Advisories

PreviousScope of SupportNextAccessibility Conformance

Last updated 7 months ago

Was this helpful?

Vulnerability Disclosure Program

Keeper has partnered with Bugcrowd to manage our vulnerability disclosure program. Please submit reports through or send an email to security@keepersecurity.com.

Severity (CVSS v3.1 score)
CVE ID
Description
Fixed in Keeper Connection Manager (or legacy Glyptodon) Release

Low (1.8)

CVE-2020-9497

Improper input validation of RDP static virtual channels

1.13, 2.1

Medium (5.9)

CVE-2020-9498

Dangling pointer in RDP static virtual channel handling

1.13, 2.1

Medium (4.1)

CVE-2020-11997

Inconsistent restriction of connection history visibility

1.14, 2.2

Medium (4.4)

CVE-2021-41767

Private tunnel identifier may be included in the non-private details of active connections

1.16, 2.6

High (8.7)

CVE-2021-43999

Improper validation of SAML responses

2.7

Severity rating scale

Keeper Connection Manager evaluates the factual details of each known vulnerability affecting Keeper Connection Manager and assigns severity ratings using the , a standard owned by which FIRST has made freely available for public use. This scoring system produces a numeric rating between 0.0 and 10.0, which we then classify according to . The specific analysis that went into each assigned score can also be found within the document specific to the vulnerability, linked within the main table above.

Severity
CVSS score range

None

0.0

Low

0.1 - 3.9

Medium

4.0 - 6.9

High

7.0 - 8.9

Critical

9.0 - 10.0

https://bugcrowd.com/keepersecurity
CVSS v3.1 scoring system
FIRST.Org, Inc.
the "Qualitative Severity Rating Scale" published with the CVSS standard