gsd-2022-1274
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2022-1274", "id": "GSD-2022-1274", "references": [ "https://access.redhat.com/errata/RHSA-2023:1043", "https://access.redhat.com/errata/RHSA-2023:1044", "https://access.redhat.com/errata/RHSA-2023:1045", "https://access.redhat.com/errata/RHSA-2023:1047", "https://access.redhat.com/errata/RHSA-2023:1049" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2022-1274" ], "details": "A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.", "id": "GSD-2022-1274", "modified": "2023-12-13T01:19:28.091830Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2022-1274", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "keycloak", "version": { "version_data": [ { "version_value": "unknown" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-80" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157" }, { "name": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725", "refsource": "MISC", "url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725" }, { "name": "https://herolab.usd.de/security-advisories/usd-2021-0033/", "refsource": "MISC", "url": "https://herolab.usd.de/security-advisories/usd-2021-0033/" } ] } }, "gitlab.com": { "advisories": [ { "affected_range": "(,20.0.5)", "affected_versions": "All versions before 20.0.5", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "cwe_ids": [ "CWE-1035", "CWE-79", "CWE-937" ], "date": "2023-04-08", "description": "A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users.", "fixed_versions": [ "20.0.5" ], "identifier": "CVE-2022-1274", "identifiers": [ "CVE-2022-1274", "GHSA-m4fv-gm5m-4725" ], "not_impacted": "All versions starting from 20.0.5", "package_slug": "maven/org.keycloak/keycloak-core", "pubdate": "2023-03-29", "solution": "Upgrade to version 20.0.5 or above.", "title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2022-1274", "https://bugzilla.redhat.com/show_bug.cgi?id=2073157", "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725" ], "uuid": "cfa75bbe-9369-4904-98ac-6c178d6946e1" }, { "affected_range": "(,20.0.5)", "affected_versions": "All versions before 20.0.5", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "cwe_ids": [ "CWE-1035", "CWE-79", "CWE-937" ], "date": "2023-04-08", "description": "The `execute-actions-email` endpoint of the Keycloak Admin REST API allows a malicious actor to send emails containing phishing links to Keycloak users.\n", "fixed_versions": [ "20.0.5" ], "identifier": "GMS-2023-528", "identifiers": [ "CVE-2022-1274", "GHSA-m4fv-gm5m-4725", "GMS-2023-528" ], "not_impacted": "All versions starting from 20.0.5", "package_slug": "maven/org.keycloak/keycloak-services", "pubdate": "2023-03-29", "solution": "Upgrade to version 20.0.5 or above.", "title": "HTML Injection in Keycloak Admin REST API", "urls": [ "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725", "https://github.com/keycloak/keycloak/pull/16764", "https://github.com/keycloak/keycloak/commit/fc3c61235fa30132123c17ed8702ff7b3a672fe9", "https://github.com/advisories/GHSA-m4fv-gm5m-4725" ], "uuid": "37f37dae-0143-4c23-a3f2-33625ee10937" } ] }, "nvd.nist.gov": { "cve": { "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:*", "matchCriteriaId": "C041BC2A-D8E2-4C32-8CD3-CC4C624017E5", "versionEndExcluding": "20.0.5", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:single_sign-on:-:*:*:*:text-only:*:*:*", "matchCriteriaId": "341E6313-20D5-44CB-9719-B20585DC5AD6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:single_sign-on:*:*:*:*:*:*:*:*", "matchCriteriaId": "A04D1D61-39A9-46A4-9245-0602F8E2B5D5", "versionEndExcluding": "7.6.2", "versionStartIncluding": "7.6", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.9:*:*:*:*:*:*:*", "matchCriteriaId": "81609549-25CE-4C8A-9DE3-170D23704208", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.10:*:*:*:*:*:*:*", "matchCriteriaId": "0595C9F8-9C7A-4FC1-B7EE-52978A1B1E93", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "87C21FE1-EA5C-498F-9C6C-D05F91A88217", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "4AE1552C-9398-4952-AD8C-777DF9587043", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "47811209-5CE5-4375-8391-B0A7F6A0E420", "vulnerable": false }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "2FD90EA8-3C35-48E1-A3B5-FEB6E3207E62", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "descriptions": [ { "lang": "en", "value": "A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against users." } ], "id": "CVE-2022-1274", "lastModified": "2023-12-22T16:15:07.353", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2023-03-29T21:15:07.853", "references": [ { "source": "secalert@redhat.com", "tags": [ "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073157" }, { "source": "secalert@redhat.com", "tags": [ "Third Party Advisory" ], "url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725" }, { "source": "secalert@redhat.com", "url": "https://herolab.usd.de/security-advisories/usd-2021-0033/" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-80" } ], "source": "secalert@redhat.com", "type": "Secondary" } ] } } } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.