FKIE_CVE-2024-12369

Vulnerability from fkie_nvd - Published: 2024-12-09 21:15 - Updated: 2025-10-02 12:15
Severity ?
4.2 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary
A vulnerability was found in OIDC-Client. When using the RH SSO OIDC adapter with EAP 7.x or when using the elytron-oidc-client subsystem with EAP 8.x, authorization code injection attacks can occur, allowing an attacker to inject a stolen authorization code into the attacker's own session with the client with a victim's identity. This is usually done with a Man-in-the-Middle (MitM) or phishing attack.
References
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2025:3989
secalert@redhat.comhttps://access.redhat.com/security/cve/CVE-2024-12369
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=2331178
secalert@redhat.comhttps://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb
secalert@redhat.comhttps://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb
secalert@redhat.comhttps://github.com/wildfly-security/wildfly-elytron/pull/2253
secalert@redhat.comhttps://github.com/wildfly-security/wildfly-elytron/pull/2261
Impacted products
Vendor Product Version
To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability was found in OIDC-Client. When using the RH SSO OIDC adapter with EAP 7.x or when using the elytron-oidc-client subsystem with EAP 8.x, authorization code injection attacks can occur, allowing an attacker to inject a stolen authorization code into the attacker\u0027s own session with the client with a victim\u0027s identity. This is usually done with a Man-in-the-Middle (MitM) or phishing attack."
    },
    {
      "lang": "es",
      "value": "Se encontr\u00f3 una vulnerabilidad en OIDC-Client. Al utilizar el adaptador RH SSO OIDC con EAP 7.x o al utilizar el subsistema elytron-oidc-client con EAP 8.x, pueden producirse ataques de inyecci\u00f3n de c\u00f3digo de autorizaci\u00f3n, lo que permite a un atacante inyectar un c\u00f3digo de autorizaci\u00f3n robado en la propia sesi\u00f3n del atacante con el cliente con la identidad de la v\u00edctima. Esto suele hacerse con un ataque de tipo Man-in-the-Middle (MitM) o de phishing."
    }
  ],
  "id": "CVE-2024-12369",
  "lastModified": "2025-10-02T12:15:28.397",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.2,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 2.5,
        "source": "secalert@redhat.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-12-09T21:15:08.203",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:3989"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/security/cve/CVE-2024-12369"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331178"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/wildfly-security/wildfly-elytron/commit/5ac5e6bbcba58883b3cebb2ddbcec4de140c5ceb"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/wildfly-security/wildfly-elytron/commit/d7754f5a6a91ceb0f4dbbbfe301991f6a55404cb"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/wildfly-security/wildfly-elytron/pull/2253"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/wildfly-security/wildfly-elytron/pull/2261"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-345"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.