Action not permitted
Modal body text goes here.
Modal Title
Modal Body
wid-sec-w-2024-0914
Vulnerability from csaf_certbund
Published
2024-04-16 22:00
Modified
2024-12-17 23:00
Summary
Red Hat Enterprise Linux (keycloak): Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, Cross-Site Scripting (XSS)-Angriffe durchzuführen oder einen Denial-of-Service-Zustand zu verursachen.
Betroffene Betriebssysteme
- Linux
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, Cross-Site Scripting (XSS)-Angriffe durchzuführen oder einen Denial-of-Service-Zustand zu verursachen.", title: "Angriff", }, { category: "general", text: "- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-0914 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0914.json", }, { category: "self", summary: "WID-SEC-2024-0914 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0914", }, { category: "external", summary: "Red Hat Security Advisory vom 2024-04-16", url: "https://access.redhat.com/errata/RHSA-2024:1867", }, { category: "external", summary: "Red Hat Security Advisory vom 2024-04-16", url: "https://access.redhat.com/errata/RHSA-2024:1868", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:2945 vom 2024-05-21", url: "https://access.redhat.com/errata/RHSA-2024:2945", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:3752 vom 2024-06-10", url: "https://access.redhat.com/errata/RHSA-2024:3752", }, { category: "external", summary: "RedHat Security Advisory", url: "https://access.redhat.com/errata/RHSA-2024:3919", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:3989 vom 2024-06-20", url: "https://access.redhat.com/errata/RHSA-2024:3989", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:4057 vom 2024-06-24", url: "https://access.redhat.com/errata/RHSA-2024:4057", }, { category: "external", summary: "Hitachi Vulnerability Information HITACHI-SEC-2024-152 vom 2024-12-17", url: "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-152/index.html", }, ], source_lang: "en-US", title: "Red Hat Enterprise Linux (keycloak): Mehrere Schwachstellen", tracking: { current_release_date: "2024-12-17T23:00:00.000+00:00", generator: { date: "2024-12-18T10:28:17.790+00:00", engine: { name: "BSI-WID", version: "1.3.10", }, }, id: "WID-SEC-W-2024-0914", initial_release_date: "2024-04-16T22:00:00.000+00:00", revision_history: [ { date: "2024-04-16T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2024-05-21T22:00:00.000+00:00", number: "2", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-06-10T22:00:00.000+00:00", number: "3", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-06-13T22:00:00.000+00:00", number: "4", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-06-19T22:00:00.000+00:00", number: "5", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-06-23T22:00:00.000+00:00", number: "6", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2024-12-17T23:00:00.000+00:00", number: "7", summary: "Neue Updates von HITACHI aufgenommen", }, ], status: "final", version: "7", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Hitachi Ops Center", product: { name: "Hitachi Ops Center", product_id: "T017562", product_identification_helper: { cpe: "cpe:/a:hitachi:ops_center:-", }, }, }, ], category: "vendor", name: "Hitachi", }, { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, { category: "product_version_range", name: "Keycloak <22.0.10", product: { name: "Red Hat Enterprise Linux Keycloak <22.0.10", product_id: "T034284", }, }, { category: "product_version", name: "Keycloak 22.0.10", product: { name: "Red Hat Enterprise Linux Keycloak 22.0.10", product_id: "T034284-fixed", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:keycloak__22.0.10", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "T035142", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, ], category: "product_name", name: "Enterprise Linux", }, { branches: [ { category: "product_version_range", name: "Broker <7.12.0", product: { name: "Red Hat JBoss A-MQ Broker <7.12.0", product_id: "T034934", }, }, { category: "product_version", name: "Broker 7.12.0", product: { name: "Red Hat JBoss A-MQ Broker 7.12.0", product_id: "T034934-fixed", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_amq:broker__7.12.0", }, }, }, ], category: "product_name", name: "JBoss A-MQ", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2023-0657", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Red Hat Enterprise Linux. Diese Fehler bestehen im keycloak-Paket aufgrund verschiedener sicherheitsrelevanter Probleme, wie z.B. einer Log-Injection oder einer unsachgemäßen Validierung von URLs. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, Cross-Site-Scripting (XSS)-Angriffe durchzuführen oder einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "67646", "T034934", "T035142", "T034284", "T017562", ], }, release_date: "2024-04-16T22:00:00.000+00:00", title: "CVE-2023-0657", }, { cve: "CVE-2023-3597", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Red Hat Enterprise Linux. Diese Fehler bestehen im keycloak-Paket aufgrund verschiedener sicherheitsrelevanter Probleme, wie z.B. einer Log-Injection oder einer unsachgemäßen Validierung von URLs. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, Cross-Site-Scripting (XSS)-Angriffe durchzuführen oder einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "67646", "T034934", "T035142", "T034284", "T017562", ], }, release_date: "2024-04-16T22:00:00.000+00:00", title: "CVE-2023-3597", }, { cve: "CVE-2023-6484", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Red Hat Enterprise Linux. Diese Fehler bestehen im keycloak-Paket aufgrund verschiedener sicherheitsrelevanter Probleme, wie z.B. einer Log-Injection oder einer unsachgemäßen Validierung von URLs. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, Cross-Site-Scripting (XSS)-Angriffe durchzuführen oder einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "67646", "T034934", "T035142", "T034284", "T017562", ], }, release_date: "2024-04-16T22:00:00.000+00:00", title: "CVE-2023-6484", }, { cve: "CVE-2023-6544", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Red Hat Enterprise Linux. Diese Fehler bestehen im keycloak-Paket aufgrund verschiedener sicherheitsrelevanter Probleme, wie z.B. einer Log-Injection oder einer unsachgemäßen Validierung von URLs. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, Cross-Site-Scripting (XSS)-Angriffe durchzuführen oder einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "67646", "T034934", "T035142", "T034284", "T017562", ], }, release_date: "2024-04-16T22:00:00.000+00:00", title: "CVE-2023-6544", }, { cve: "CVE-2023-6717", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Red Hat Enterprise Linux. Diese Fehler bestehen im keycloak-Paket aufgrund verschiedener sicherheitsrelevanter Probleme, wie z.B. einer Log-Injection oder einer unsachgemäßen Validierung von URLs. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, Cross-Site-Scripting (XSS)-Angriffe durchzuführen oder einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "67646", "T034934", "T035142", "T034284", "T017562", ], }, release_date: "2024-04-16T22:00:00.000+00:00", title: "CVE-2023-6717", }, { cve: "CVE-2023-6787", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Red Hat Enterprise Linux. Diese Fehler bestehen im keycloak-Paket aufgrund verschiedener sicherheitsrelevanter Probleme, wie z.B. einer Log-Injection oder einer unsachgemäßen Validierung von URLs. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, Cross-Site-Scripting (XSS)-Angriffe durchzuführen oder einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "67646", "T034934", "T035142", "T034284", "T017562", ], }, release_date: "2024-04-16T22:00:00.000+00:00", title: "CVE-2023-6787", }, { cve: "CVE-2024-1132", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Red Hat Enterprise Linux. Diese Fehler bestehen im keycloak-Paket aufgrund verschiedener sicherheitsrelevanter Probleme, wie z.B. einer Log-Injection oder einer unsachgemäßen Validierung von URLs. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, Cross-Site-Scripting (XSS)-Angriffe durchzuführen oder einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "67646", "T034934", "T035142", "T034284", "T017562", ], }, release_date: "2024-04-16T22:00:00.000+00:00", title: "CVE-2024-1132", }, { cve: "CVE-2024-1249", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Red Hat Enterprise Linux. Diese Fehler bestehen im keycloak-Paket aufgrund verschiedener sicherheitsrelevanter Probleme, wie z.B. einer Log-Injection oder einer unsachgemäßen Validierung von URLs. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, Cross-Site-Scripting (XSS)-Angriffe durchzuführen oder einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "67646", "T034934", "T035142", "T034284", "T017562", ], }, release_date: "2024-04-16T22:00:00.000+00:00", title: "CVE-2024-1249", }, { cve: "CVE-2024-2419", notes: [ { category: "description", text: "Es bestehen mehrere Schwachstellen in Red Hat Enterprise Linux. Diese Fehler bestehen im keycloak-Paket aufgrund verschiedener sicherheitsrelevanter Probleme, wie z.B. einer Log-Injection oder einer unsachgemäßen Validierung von URLs. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, Cross-Site-Scripting (XSS)-Angriffe durchzuführen oder einen Denial-of-Service-Zustand zu verursachen. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden.", }, ], product_status: { known_affected: [ "67646", "T034934", "T035142", "T034284", "T017562", ], }, release_date: "2024-04-16T22:00:00.000+00:00", title: "CVE-2024-2419", }, ], }
cve-2024-1132
Vulnerability from cvelistv5
Published
2024-04-17 13:21
Modified
2025-03-03 14:54
Severity ?
EPSS score ?
Summary
A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. This issue could allow an attacker to construct a malicious request to bypass validation and access other URLs and sensitive information within the domain or conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field, and requires user interaction within the malicious URL.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ |
Version: 21.1.0 ≤ Version: 23.0.0 ≤ |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-1132", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-04-23T18:37:10.567431Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-04T17:59:39.871Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T18:26:30.564Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2024:1860", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1860", }, { name: "RHSA-2024:1861", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1861", }, { name: "RHSA-2024:1862", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1862", }, { name: "RHSA-2024:1864", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1864", }, { name: "RHSA-2024:1866", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1866", }, { name: "RHSA-2024:1867", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1867", }, { name: "RHSA-2024:1868", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1868", }, { name: "RHSA-2024:2945", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:2945", }, { name: "RHSA-2024:3752", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:3752", }, { name: "RHSA-2024:3762", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:3762", }, { name: "RHSA-2024:3919", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:3919", }, { name: "RHSA-2024:3989", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:3989", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2024-1132", }, { name: "RHBZ#2262117", tags: [ "issue-tracking", "x_refsource_REDHAT", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2262117", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://github.com/keycloak/keycloak", defaultStatus: "unaffected", packageName: "keycloak", versions: [ { lessThan: "22.0.10", status: "affected", version: "21.1.0", versionType: "semver", }, { lessThan: "24.0.3", status: "affected", version: "23.0.0", versionType: "semver", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:migration_toolkit_runtimes:1.0::el8", ], defaultStatus: "affected", packageName: "mtr/mtr-operator-bundle", product: "Migration Toolkit for Runtimes 1 on RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "1.2-23", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:migration_toolkit_runtimes:1.0::el8", ], defaultStatus: "affected", packageName: "mtr/mtr-rhel8-operator", product: "Migration Toolkit for Runtimes 1 on RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "1.2-15", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:migration_toolkit_runtimes:1.0::el8", ], defaultStatus: "affected", packageName: "mtr/mtr-web-container-rhel8", product: "Migration Toolkit for Runtimes 1 on RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "1.2-16", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:migration_toolkit_runtimes:1.0::el8", ], defaultStatus: "affected", packageName: "mtr/mtr-web-executor-container-rhel8", product: "Migration Toolkit for Runtimes 1 on RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "1.2-14", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:migration_toolkit_applications:6.2::el8", "cpe:/a:redhat:migration_toolkit_applications:6.2::el9", ], defaultStatus: "affected", packageName: "mta/mta-windup-addon-rhel9", product: "MTA-6.2-RHEL-9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "6.2.3-2", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:amq_broker:7.10", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat AMQ Broker 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:amq_broker:7.11", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat AMQ Broker 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:amq_broker:7.12", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat AMQ Broker 7", vendor: "Red Hat", }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-operator-bundle", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22.0.10-1", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-rhel9", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22-13", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-rhel9-operator", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22-16", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:build_keycloak:22", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat build of Keycloak 22.0.10", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el7", ], defaultStatus: "affected", packageName: "rh-sso7-keycloak", product: "Red Hat Single Sign-On 7.6 for RHEL 7", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:18.0.13-1.redhat_00001.1.el7sso", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el8", ], defaultStatus: "affected", packageName: "rh-sso7-keycloak", product: "Red Hat Single Sign-On 7.6 for RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:18.0.13-1.redhat_00001.1.el8sso", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el9", ], defaultStatus: "affected", packageName: "rh-sso7-keycloak", product: "Red Hat Single Sign-On 7.6 for RHEL 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:18.0.13-1.redhat_00001.1.el9sso", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:rhosemc:1.0::el8", ], defaultStatus: "affected", packageName: "rh-sso-7/sso76-openshift-rhel8", product: "RHEL-8 based Middleware Containers", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "7.6-46", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6", ], defaultStatus: "unaffected", packageName: "keycloak", product: "RHSSO 7.6.8", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:service_registry:2", ], defaultStatus: "affected", packageName: "keycloak", product: "Red Hat build of Apicurio Registry 2", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:quarkus:3", ], defaultStatus: "affected", packageName: "org.keycloak/keycloak-core", product: "Red Hat build of Quarkus", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_data_grid:8", ], defaultStatus: "unaffected", packageName: "org.wildfly.security-wildfly-elytron-parent", product: "Red Hat Data Grid 8", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_brms_platform:7", ], defaultStatus: "unknown", packageName: "keycloak", product: "Red Hat Decision Manager 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_fuse:7", ], defaultStatus: "affected", packageName: "keycloak", product: "Red Hat Fuse 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:jboss_data_grid:7", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat JBoss Data Grid 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:6", ], defaultStatus: "unknown", packageName: "keycloak", product: "Red Hat JBoss Enterprise Application Platform 6", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat JBoss Enterprise Application Platform 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_bpms_platform:7", ], defaultStatus: "affected", packageName: "keycloak", product: "Red Hat Process Automation 7", vendor: "Red Hat", }, ], credits: [ { lang: "en", value: "Red Hat would like to thank Axel Flamcourt for reporting this issue.", }, ], datePublic: "2024-04-16T00:00:00.000Z", descriptions: [ { lang: "en", value: "A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. This issue could allow an attacker to construct a malicious request to bypass validation and access other URLs and sensitive information within the domain or conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field, and requires user interaction within the malicious URL.", }, ], metrics: [ { other: { content: { namespace: "https://access.redhat.com/security/updates/classification/", value: "Important", }, type: "Red Hat severity rating", }, }, { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-03T14:54:33.245Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2024:1860", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1860", }, { name: "RHSA-2024:1861", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1861", }, { name: "RHSA-2024:1862", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1862", }, { name: "RHSA-2024:1864", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1864", }, { name: "RHSA-2024:1866", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1866", }, { name: "RHSA-2024:1867", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1867", }, { name: "RHSA-2024:1868", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1868", }, { name: "RHSA-2024:2945", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:2945", }, { name: "RHSA-2024:3752", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:3752", }, { name: "RHSA-2024:3762", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:3762", }, { name: "RHSA-2024:3919", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:3919", }, { name: "RHSA-2024:3989", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:3989", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", ], url: "https://access.redhat.com/security/cve/CVE-2024-1132", }, { name: "RHBZ#2262117", tags: [ "issue-tracking", "x_refsource_REDHAT", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2262117", }, ], timeline: [ { lang: "en", time: "2024-01-31T00:00:00+00:00", value: "Reported to Red Hat.", }, { lang: "en", time: "2024-04-16T00:00:00+00:00", value: "Made public.", }, ], title: "Keycloak: path transversal in redirection validation", workarounds: [ { lang: "en", value: "No current mitigation is available for this vulnerability.", }, ], x_redhatCweChain: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2024-1132", datePublished: "2024-04-17T13:21:19.130Z", dateReserved: "2024-01-31T17:07:33.455Z", dateUpdated: "2025-03-03T14:54:33.245Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-6787
Vulnerability from cvelistv5
Published
2024-04-25 16:02
Modified
2025-03-14 14:58
Severity ?
EPSS score ?
Summary
A flaw was found in Keycloak that occurs from an error in the re-authentication mechanism within org.keycloak.authentication. This flaw allows hijacking an active Keycloak session by triggering a new authentication process with the query parameter "prompt=login," prompting the user to re-enter their credentials. If the user cancels this re-authentication by selecting "Restart login," an account takeover may occur, as the new session, with a different SUB, will possess the same SID as the previous session.
References
| ▼ | URL | Tags |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2024:1867 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2024:1868 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/security/cve/CVE-2023-6787 | vdb-entry, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2254375 | issue-tracking, x_refsource_REDHAT | |
| https://github.com/keycloak/keycloak/security/advisories/GHSA-c9h6-v78w-52wj |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ |
Version: 0 ≤ Version: 0 ≤ |
||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-6787", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-04-25T19:40:17.217959Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-287", description: "CWE-287 Improper Authentication", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-04T17:17:12.505Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T08:42:07.631Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2024:1867", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1867", }, { name: "RHSA-2024:1868", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1868", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2023-6787", }, { name: "RHBZ#2254375", tags: [ "issue-tracking", "x_refsource_REDHAT", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2254375", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://github.com/keycloak/keycloak", packageName: "keycloak", versions: [ { lessThan: "22.0.10", status: "affected", version: "0", versionType: "semver", }, { lessThan: "24.0.3", status: "affected", version: "0", versionType: "semver", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-operator-bundle", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22.0.10-1", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-rhel9", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22-13", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-rhel9-operator", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22-16", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:build_keycloak:22", ], defaultStatus: "unaffected", packageName: "keycloak-core", product: "Red Hat build of Keycloak 22.0.10", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7", ], defaultStatus: "affected", packageName: "keycloak-core", product: "Red Hat Single Sign-On 7", vendor: "Red Hat", }, ], datePublic: "2024-02-21T00:00:00.000Z", descriptions: [ { lang: "en", value: "A flaw was found in Keycloak that occurs from an error in the re-authentication mechanism within org.keycloak.authentication. This flaw allows hijacking an active Keycloak session by triggering a new authentication process with the query parameter \"prompt=login,\" prompting the user to re-enter their credentials. If the user cancels this re-authentication by selecting \"Restart login,\" an account takeover may occur, as the new session, with a different SUB, will possess the same SID as the previous session.", }, ], metrics: [ { other: { content: { namespace: "https://access.redhat.com/security/updates/classification/", value: "Moderate", }, type: "Red Hat severity rating", }, }, { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-287", description: "Improper Authentication", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-14T14:58:31.194Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2024:1867", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1867", }, { name: "RHSA-2024:1868", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1868", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", ], url: "https://access.redhat.com/security/cve/CVE-2023-6787", }, { name: "RHBZ#2254375", tags: [ "issue-tracking", "x_refsource_REDHAT", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2254375", }, { url: "https://github.com/keycloak/keycloak/security/advisories/GHSA-c9h6-v78w-52wj", }, ], timeline: [ { lang: "en", time: "2023-05-03T00:00:00+00:00", value: "Reported to Red Hat.", }, { lang: "en", time: "2024-02-21T00:00:00+00:00", value: "Made public.", }, ], title: "Keycloak: session hijacking via re-authentication", x_redhatCweChain: "CWE-287: Improper Authentication", }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2023-6787", datePublished: "2024-04-25T16:02:32.916Z", dateReserved: "2023-12-13T16:22:00.344Z", dateUpdated: "2025-03-14T14:58:31.194Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-6484
Vulnerability from cvelistv5
Published
2024-04-25 15:58
Modified
2024-12-06 14:51
Severity ?
EPSS score ?
Summary
A log injection flaw was found in Keycloak. A text string may be injected through the authentication form when using the WebAuthn authentication mode. This issue may have a minor impact to the logs integrity.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ |
Version: 0 ≤ Version: 23.0.0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:28:21.872Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2024:0798", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:0798", }, { name: "RHSA-2024:0799", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:0799", }, { name: "RHSA-2024:0800", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:0800", }, { name: "RHSA-2024:0801", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:0801", }, { name: "RHSA-2024:0804", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:0804", }, { name: "RHSA-2024:1860", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1860", }, { name: "RHSA-2024:1861", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1861", }, { name: "RHSA-2024:1862", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1862", }, { name: "RHSA-2024:1864", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1864", }, { name: "RHSA-2024:1865", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1865", }, { name: "RHSA-2024:1866", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1866", }, { name: "RHSA-2024:1867", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1867", }, { name: "RHSA-2024:1868", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1868", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2023-6484", }, { name: "RHBZ#2248423", tags: [ "issue-tracking", "x_refsource_REDHAT", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2248423", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-6484", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-08-12T14:33:06.444846Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-12T14:33:17.644Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { collectionURL: "https://www.keycloak.org/", defaultStatus: "unaffected", packageName: "keycloak", versions: [ { lessThan: "22.0.9", status: "affected", version: "0", versionType: "semver", }, { lessThan: "23.0.5", status: "affected", version: "23.0.0", versionType: "semver", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-operator-bundle", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22.0.10-1", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-rhel9", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22-13", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-rhel9-operator", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22-16", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:build_keycloak:22", ], defaultStatus: "unaffected", product: "Red Hat build of Keycloak 22.0.10", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat Single Sign-On 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el7", ], defaultStatus: "affected", packageName: "rh-sso7-keycloak", product: "Red Hat Single Sign-On 7.6 for RHEL 7", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:18.0.12-1.redhat_00001.1.el7sso", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el7", ], defaultStatus: "affected", packageName: "rh-sso7-keycloak", product: "Red Hat Single Sign-On 7.6 for RHEL 7", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:18.0.13-1.redhat_00001.1.el7sso", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el8", ], defaultStatus: "affected", packageName: "rh-sso7-keycloak", product: "Red Hat Single Sign-On 7.6 for RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:18.0.12-1.redhat_00001.1.el8sso", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el8", ], defaultStatus: "affected", packageName: "rh-sso7-keycloak", product: "Red Hat Single Sign-On 7.6 for RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:18.0.13-1.redhat_00001.1.el8sso", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el9", ], defaultStatus: "affected", packageName: "rh-sso7-keycloak", product: "Red Hat Single Sign-On 7.6 for RHEL 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:18.0.12-1.redhat_00001.1.el9sso", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el9", ], defaultStatus: "affected", packageName: "rh-sso7-keycloak", product: "Red Hat Single Sign-On 7.6 for RHEL 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:18.0.13-1.redhat_00001.1.el9sso", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:rhosemc:1.0::el8", ], defaultStatus: "affected", packageName: "rh-sso-7/sso76-openshift-rhel8", product: "RHEL-8 based Middleware Containers", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "7.6-41", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:rhosemc:1.0::el8", ], defaultStatus: "affected", packageName: "rh-sso-7/sso76-openshift-rhel8", product: "RHEL-8 based Middleware Containers", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "7.6-46", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:rhosemc:1.0::el8", ], defaultStatus: "affected", packageName: "rh-sso-7/sso7-rhel8-init-container", product: "RHEL-8 based Middleware Containers", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "7.6-16", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:rhosemc:1.0::el8", ], defaultStatus: "affected", packageName: "rh-sso-7/sso7-rhel8-operator", product: "RHEL-8 based Middleware Containers", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "7.6-18", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:rhosemc:1.0::el8", ], defaultStatus: "affected", packageName: "rh-sso-7/sso7-rhel8-operator-bundle", product: "RHEL-8 based Middleware Containers", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "7.6.8-2", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6", ], defaultStatus: "unaffected", packageName: "keycloak-rhel9-operator-bundle-container", product: "RHSSO 7.6.8", vendor: "Red Hat", }, ], datePublic: "2023-12-04T00:00:00+00:00", descriptions: [ { lang: "en", value: "A log injection flaw was found in Keycloak. A text string may be injected through the authentication form when using the WebAuthn authentication mode. This issue may have a minor impact to the logs integrity.", }, ], metrics: [ { other: { content: { namespace: "https://access.redhat.com/security/updates/classification/", value: "Low", }, type: "Red Hat severity rating", }, }, { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-117", description: "Improper Output Neutralization for Logs", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-06T14:51:02.963Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2024:0798", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:0798", }, { name: "RHSA-2024:0799", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:0799", }, { name: "RHSA-2024:0800", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:0800", }, { name: "RHSA-2024:0801", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:0801", }, { name: "RHSA-2024:0804", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:0804", }, { name: "RHSA-2024:1860", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1860", }, { name: "RHSA-2024:1861", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1861", }, { name: "RHSA-2024:1862", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1862", }, { name: "RHSA-2024:1864", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1864", }, { name: "RHSA-2024:1865", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1865", }, { name: "RHSA-2024:1866", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1866", }, { name: "RHSA-2024:1867", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1867", }, { name: "RHSA-2024:1868", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1868", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", ], url: "https://access.redhat.com/security/cve/CVE-2023-6484", }, { name: "RHBZ#2248423", tags: [ "issue-tracking", "x_refsource_REDHAT", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2248423", }, ], timeline: [ { lang: "en", time: "2023-11-06T00:00:00+00:00", value: "Reported to Red Hat.", }, { lang: "en", time: "2023-12-04T00:00:00+00:00", value: "Made public.", }, ], title: "Keycloak: log injection during webauthn authentication or registration", x_redhatCweChain: "CWE-117: Improper Output Neutralization for Logs", }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2023-6484", datePublished: "2024-04-25T15:58:18.169Z", dateReserved: "2023-12-04T10:48:43.809Z", dateUpdated: "2024-12-06T14:51:02.963Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-1249
Vulnerability from cvelistv5
Published
2024-04-17 13:22
Modified
2025-03-26 19:24
Severity ?
EPSS score ?
Summary
A flaw was found in Keycloak's OIDC component in the "checkLoginIframe," which allows unvalidated cross-origin messages. This flaw allows attackers to coordinate and send millions of requests in seconds using simple code, significantly impacting the application's availability without proper origin validation for incoming messages.
References
| ▼ | URL | Tags |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2024:1860 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2024:1861 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2024:1862 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2024:1864 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2024:1866 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2024:1867 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2024:1868 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2024:2945 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2024:4057 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/security/cve/CVE-2024-1249 | vdb-entry, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2262918 | issue-tracking, x_refsource_REDHAT |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ |
Version: 21.1.0 ≤ Version: 23.0.0 ≤ |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-1249", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-04-25T17:33:02.839974Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-04T18:00:28.545Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T18:33:25.533Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2024:1860", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1860", }, { name: "RHSA-2024:1861", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1861", }, { name: "RHSA-2024:1862", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1862", }, { name: "RHSA-2024:1864", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1864", }, { name: "RHSA-2024:1866", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1866", }, { name: "RHSA-2024:1867", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1867", }, { name: "RHSA-2024:1868", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1868", }, { name: "RHSA-2024:2945", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:2945", }, { name: "RHSA-2024:4057", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:4057", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2024-1249", }, { name: "RHBZ#2262918", tags: [ "issue-tracking", "x_refsource_REDHAT", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2262918", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://github.com/keycloak/keycloak", defaultStatus: "unaffected", packageName: "keycloak", versions: [ { lessThan: "22.0.10", status: "affected", version: "21.1.0", versionType: "semver", }, { lessThan: "24.0.3", status: "affected", version: "23.0.0", versionType: "semver", }, ], }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:amq_broker:7.12", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat AMQ Broker 7", vendor: "Red Hat", }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-operator-bundle", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22.0.10-1", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-rhel9", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22-13", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-rhel9-operator", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22-16", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:build_keycloak:22", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat build of Keycloak 22.0.10", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el7", ], defaultStatus: "affected", packageName: "rh-sso7-keycloak", product: "Red Hat Single Sign-On 7.6 for RHEL 7", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:18.0.13-1.redhat_00001.1.el7sso", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el8", ], defaultStatus: "affected", packageName: "rh-sso7-keycloak", product: "Red Hat Single Sign-On 7.6 for RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:18.0.13-1.redhat_00001.1.el8sso", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el9", ], defaultStatus: "affected", packageName: "rh-sso7-keycloak", product: "Red Hat Single Sign-On 7.6 for RHEL 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:18.0.13-1.redhat_00001.1.el9sso", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:rhosemc:1.0::el8", ], defaultStatus: "affected", packageName: "rh-sso-7/sso76-openshift-rhel8", product: "RHEL-8 based Middleware Containers", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "7.6-46", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:openshift_serverless:1.33::el8", ], defaultStatus: "affected", packageName: "openshift-serverless-1/logic-data-index-ephemeral-rhel8", product: "RHOSS-1.33-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "1.33.0-5", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:openshift_serverless:1.33::el8", ], defaultStatus: "affected", packageName: "openshift-serverless-1/logic-data-index-postgresql-rhel8", product: "RHOSS-1.33-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "1.33.0-5", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:openshift_serverless:1.33::el8", ], defaultStatus: "affected", packageName: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8", product: "RHOSS-1.33-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "1.33.0-5", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:openshift_serverless:1.33::el8", ], defaultStatus: "affected", packageName: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8", product: "RHOSS-1.33-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "1.33.0-5", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:openshift_serverless:1.33::el8", ], defaultStatus: "affected", packageName: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8", product: "RHOSS-1.33-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "1.33.0-5", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:openshift_serverless:1.33::el8", ], defaultStatus: "affected", packageName: "openshift-serverless-1/logic-operator-bundle", product: "RHOSS-1.33-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "1.33.0-5", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:openshift_serverless:1.33::el8", ], defaultStatus: "affected", packageName: "openshift-serverless-1/logic-rhel8-operator", product: "RHOSS-1.33-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "1.33.0-3", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:openshift_serverless:1.33::el8", ], defaultStatus: "affected", packageName: "openshift-serverless-1/logic-swf-builder-rhel8", product: "RHOSS-1.33-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "1.33.0-5", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:openshift_serverless:1.33::el8", ], defaultStatus: "affected", packageName: "openshift-serverless-1/logic-swf-devmode-rhel8", product: "RHOSS-1.33-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "1.33.0-5", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6", ], defaultStatus: "unaffected", packageName: "keycloak", product: "RHSSO 7.6.8", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:migration_toolkit_applications:6", ], defaultStatus: "affected", packageName: "mta/mta-ui-rhel9", product: "Migration Toolkit for Applications 6", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:migration_toolkit_applications:7", ], defaultStatus: "unaffected", packageName: "mta/mta-ui-rhel9", product: "Migration Toolkit for Applications 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:service_registry:2", ], defaultStatus: "affected", packageName: "keycloak", product: "Red Hat build of Apicurio Registry 2", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_data_grid:8", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat Data Grid 8", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_brms_platform:7", ], defaultStatus: "affected", packageName: "keycloak", product: "Red Hat Decision Manager 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:rhdh:1", ], defaultStatus: "unaffected", packageName: "rhdh/rhdh-hub-rhel9", product: "Red Hat Developer Hub", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_fuse:7", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat Fuse 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:jboss_data_grid:7", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat JBoss Data Grid 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:6", ], defaultStatus: "unknown", packageName: "keycloak", product: "Red Hat JBoss Enterprise Application Platform 6", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:6", ], defaultStatus: "unknown", packageName: "keycloak-adapter-eap6", product: "Red Hat JBoss Enterprise Application Platform 6", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:6", ], defaultStatus: "unknown", packageName: "keycloak-adapter-sso7_2-eap6", product: "Red Hat JBoss Enterprise Application Platform 6", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:6", ], defaultStatus: "unknown", packageName: "keycloak-adapter-sso7_3-eap6", product: "Red Hat JBoss Enterprise Application Platform 6", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:6", ], defaultStatus: "unknown", packageName: "keycloak-adapter-sso7_4-eap6", product: "Red Hat JBoss Enterprise Application Platform 6", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:6", ], defaultStatus: "unknown", packageName: "keycloak-adapter-sso7_5-eap6", product: "Red Hat JBoss Enterprise Application Platform 6", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:6", ], defaultStatus: "unknown", packageName: "org.keycloak-keycloak-parent", product: "Red Hat JBoss Enterprise Application Platform 6", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:6", ], defaultStatus: "unknown", packageName: "rh-sso7-keycloak", product: "Red Hat JBoss Enterprise Application Platform 6", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7", ], defaultStatus: "affected", packageName: "keycloak", product: "Red Hat JBoss Enterprise Application Platform 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:8", ], defaultStatus: "affected", packageName: "keycloak", product: "Red Hat JBoss Enterprise Application Platform 8", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:jbosseapxp", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat JBoss Enterprise Application Platform Expansion Pack", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_bpms_platform:7", ], defaultStatus: "affected", packageName: "keycloak", product: "Red Hat Process Automation 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:amq_streams:1", ], defaultStatus: "unaffected", packageName: "keycloak", product: "streams for Apache Kafka", vendor: "Red Hat", }, ], credits: [ { lang: "en", value: "Red Hat would like to thank Adriano Márcio Monteiro for reporting this issue.", }, ], datePublic: "2024-04-16T00:00:00.000Z", descriptions: [ { lang: "en", value: "A flaw was found in Keycloak's OIDC component in the \"checkLoginIframe,\" which allows unvalidated cross-origin messages. This flaw allows attackers to coordinate and send millions of requests in seconds using simple code, significantly impacting the application's availability without proper origin validation for incoming messages.", }, ], metrics: [ { other: { content: { namespace: "https://access.redhat.com/security/updates/classification/", value: "Important", }, type: "Red Hat severity rating", }, }, { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-346", description: "Origin Validation Error", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-26T19:24:12.590Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2024:1860", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1860", }, { name: "RHSA-2024:1861", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1861", }, { name: "RHSA-2024:1862", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1862", }, { name: "RHSA-2024:1864", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1864", }, { name: "RHSA-2024:1866", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1866", }, { name: "RHSA-2024:1867", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1867", }, { name: "RHSA-2024:1868", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1868", }, { name: "RHSA-2024:2945", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:2945", }, { name: "RHSA-2024:4057", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:4057", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", ], url: "https://access.redhat.com/security/cve/CVE-2024-1249", }, { name: "RHBZ#2262918", tags: [ "issue-tracking", "x_refsource_REDHAT", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2262918", }, ], timeline: [ { lang: "en", time: "2024-02-06T00:00:00+00:00", value: "Reported to Red Hat.", }, { lang: "en", time: "2024-04-16T00:00:00+00:00", value: "Made public.", }, ], title: "Keycloak: org.keycloak.protocol.oidc: unvalidated cross-origin messages in checkloginiframe leads to ddos", workarounds: [ { lang: "en", value: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", }, ], x_redhatCweChain: "CWE-346: Origin Validation Error", }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2024-1249", datePublished: "2024-04-17T13:22:48.335Z", dateReserved: "2024-02-06T06:20:24.574Z", dateUpdated: "2025-03-26T19:24:12.590Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-3597
Vulnerability from cvelistv5
Published
2024-04-25 12:20
Modified
2024-12-27 14:16
Severity ?
EPSS score ?
Summary
A flaw was found in Keycloak, where it does not correctly validate its client step-up authentication in org.keycloak.authentication. This flaw allows a remote user authenticated with a password to register a false second authentication factor along with an existing one and bypass authentication.
References
| ▼ | URL | Tags |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2024:1866 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2024:1867 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2024:1868 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/security/cve/CVE-2023-3597 | vdb-entry, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2221760 | issue-tracking, x_refsource_REDHAT |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ |
Version: 0 ≤ Version: 23.0.0 ≤ |
||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-3597", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-05-02T15:08:53.952771Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-04T17:17:32.549Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T07:01:56.985Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2024:1867", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1867", }, { name: "RHSA-2024:1868", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1868", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2023-3597", }, { name: "RHBZ#2221760", tags: [ "issue-tracking", "x_refsource_REDHAT", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2221760", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://www.keycloak.org/", defaultStatus: "unaffected", packageName: "keycloak", versions: [ { lessThan: "22.0.10", status: "affected", version: "0", versionType: "semver", }, { lessThan: "24.0.3", status: "affected", version: "23.0.0", versionType: "semver", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-operator-bundle", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22.0.10-1", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-rhel9", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22-13", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-rhel9-operator", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22-16", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:build_keycloak:22", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat build of Keycloak 22.0.10", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6", ], defaultStatus: "unaffected", product: "RHSSO 7.6.8", vendor: "Red Hat", }, ], credits: [ { lang: "en", value: "Red Hat would like to thank Johannes Bergmann (Bosch) for reporting this issue.", }, ], datePublic: "2024-04-15T00:00:00+00:00", descriptions: [ { lang: "en", value: "A flaw was found in Keycloak, where it does not correctly validate its client step-up authentication in org.keycloak.authentication. This flaw allows a remote user authenticated with a password to register a false second authentication factor along with an existing one and bypass authentication.", }, ], metrics: [ { other: { content: { namespace: "https://access.redhat.com/security/updates/classification/", value: "Moderate", }, type: "Red Hat severity rating", }, }, { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-287", description: "Improper Authentication", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-27T14:16:52.609Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2024:1866", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1866", }, { name: "RHSA-2024:1867", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1867", }, { name: "RHSA-2024:1868", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1868", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", ], url: "https://access.redhat.com/security/cve/CVE-2023-3597", }, { name: "RHBZ#2221760", tags: [ "issue-tracking", "x_refsource_REDHAT", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2221760", }, ], timeline: [ { lang: "en", time: "2023-07-10T00:00:00+00:00", value: "Reported to Red Hat.", }, { lang: "en", time: "2024-04-15T00:00:00+00:00", value: "Made public.", }, ], title: "Keycloak: secondary factor bypass in step-up authentication", x_redhatCweChain: "CWE-287: Improper Authentication", }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2023-3597", datePublished: "2024-04-25T12:20:11.606Z", dateReserved: "2023-07-10T17:01:10.485Z", dateUpdated: "2024-12-27T14:16:52.609Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-0657
Vulnerability from cvelistv5
Published
2024-11-17 10:19
Modified
2024-11-17 16:18
Severity ?
EPSS score ?
Summary
A flaw was found in Keycloak. This issue occurs due to improperly enforcing token types when validating signatures locally. This could allow an authenticated attacker to exchange a logout token for an access token and possibly gain access to data outside of enforced permissions.
References
| ▼ | URL | Tags |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2024:1867 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2024:1868 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/security/cve/CVE-2023-0657 | vdb-entry, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2166728 | issue-tracking, x_refsource_REDHAT |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ |
Version: 0 ≤ Version: 23.0.0 ≤ |
||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-0657", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-11-17T16:18:32.777591Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-17T16:18:51.475Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { collectionURL: "https://github.com/keycloak/keycloak", defaultStatus: "unaffected", packageName: "keycloak", versions: [ { lessThan: "22.0.10", status: "affected", version: "0", versionType: "semver", }, { lessThan: "24.0.3", status: "affected", version: "23.0.0", versionType: "semver", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-operator-bundle", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22.0.10-1", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-rhel9", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22-13", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-rhel9-operator", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22-16", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:build_keycloak:22", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat build of Keycloak 22.0.10", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7", ], defaultStatus: "affected", packageName: "keycloak", product: "Red Hat Single Sign-On 7", vendor: "Red Hat", }, ], datePublic: "2024-04-16T00:00:00+00:00", descriptions: [ { lang: "en", value: "A flaw was found in Keycloak. This issue occurs due to improperly enforcing token types when validating signatures locally. This could allow an authenticated attacker to exchange a logout token for an access token and possibly gain access to data outside of enforced permissions.", }, ], metrics: [ { other: { content: { namespace: "https://access.redhat.com/security/updates/classification/", value: "Low", }, type: "Red Hat severity rating", }, }, { cvssV3_1: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 3.4, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-273", description: "Improper Check for Dropped Privileges", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-17T10:19:03.717Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2024:1867", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1867", }, { name: "RHSA-2024:1868", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1868", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", ], url: "https://access.redhat.com/security/cve/CVE-2023-0657", }, { name: "RHBZ#2166728", tags: [ "issue-tracking", "x_refsource_REDHAT", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2166728", }, ], timeline: [ { lang: "en", time: "2023-02-02T00:00:00+00:00", value: "Reported to Red Hat.", }, { lang: "en", time: "2024-04-16T00:00:00+00:00", value: "Made public.", }, ], title: "Keycloak: impersonation via logout token exchange", x_redhatCweChain: "CWE-273: Improper Check for Dropped Privileges", }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2023-0657", datePublished: "2024-11-17T10:19:03.717Z", dateReserved: "2023-02-02T18:49:19.373Z", dateUpdated: "2024-11-17T16:18:51.475Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-6544
Vulnerability from cvelistv5
Published
2024-04-25 15:58
Modified
2024-11-24 21:10
Severity ?
EPSS score ?
Summary
A flaw was found in the Keycloak package. This issue occurs due to a permissive regular expression hardcoded for filtering which allows hosts to register a dynamic client. A malicious user with enough information about the environment could jeopardize an environment with this specific Dynamic Client Registration and TrustedDomain configuration previously unauthorized.
References
| ▼ | URL | Tags |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2024:1860 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2024:1861 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2024:1862 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2024:1864 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2024:1866 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2024:1867 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2024:1868 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/security/cve/CVE-2023-6544 | vdb-entry, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2253116 | issue-tracking, x_refsource_REDHAT |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ |
Version: 22.0.0 ≤ Version: 23.0.0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-6544", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-04-25T19:19:09.097776Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-04T17:17:10.747Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T08:35:14.454Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2024:1860", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1860", }, { name: "RHSA-2024:1861", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1861", }, { name: "RHSA-2024:1862", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1862", }, { name: "RHSA-2024:1864", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1864", }, { name: "RHSA-2024:1866", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1866", }, { name: "RHSA-2024:1867", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1867", }, { name: "RHSA-2024:1868", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1868", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2023-6544", }, { name: "RHBZ#2253116", tags: [ "issue-tracking", "x_refsource_REDHAT", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2253116", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://github.com/keycloak/keycloak", defaultStatus: "unaffected", packageName: "org.keycloak:keycloak-services", versions: [ { lessThan: "22.0.10", status: "affected", version: "22.0.0", versionType: "semver", }, { lessThan: "24.0.3", status: "affected", version: "23.0.0", versionType: "semver", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-operator-bundle", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22.0.10-1", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-rhel9", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22-13", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-rhel9-operator", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22-16", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:build_keycloak:22", ], defaultStatus: "unaffected", packageName: "keycloak-core", product: "Red Hat build of Keycloak 22.0.10", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el7", ], defaultStatus: "affected", packageName: "rh-sso7-keycloak", product: "Red Hat Single Sign-On 7.6 for RHEL 7", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:18.0.13-1.redhat_00001.1.el7sso", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el8", ], defaultStatus: "affected", packageName: "rh-sso7-keycloak", product: "Red Hat Single Sign-On 7.6 for RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:18.0.13-1.redhat_00001.1.el8sso", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6::el9", ], defaultStatus: "affected", packageName: "rh-sso7-keycloak", product: "Red Hat Single Sign-On 7.6 for RHEL 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:18.0.13-1.redhat_00001.1.el9sso", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:rhosemc:1.0::el8", ], defaultStatus: "affected", packageName: "rh-sso-7/sso76-openshift-rhel8", product: "RHEL-8 based Middleware Containers", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "7.6-46", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7.6", ], defaultStatus: "unaffected", packageName: "keycloak-core", product: "RHSSO 7.6.8", vendor: "Red Hat", }, ], credits: [ { lang: "en", value: "Red Hat would like to thank Bastian Kanbach (Secure Systems DE [bastian.kanbach@securesystems.de]) for reporting this issue.", }, ], datePublic: "2024-04-16T00:00:00+00:00", descriptions: [ { lang: "en", value: "A flaw was found in the Keycloak package. This issue occurs due to a permissive regular expression hardcoded for filtering which allows hosts to register a dynamic client. A malicious user with enough information about the environment could jeopardize an environment with this specific Dynamic Client Registration and TrustedDomain configuration previously unauthorized.", }, ], metrics: [ { other: { content: { namespace: "https://access.redhat.com/security/updates/classification/", value: "Moderate", }, type: "Red Hat severity rating", }, }, { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-625", description: "Permissive Regular Expression", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-24T21:10:49.330Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2024:1860", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1860", }, { name: "RHSA-2024:1861", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1861", }, { name: "RHSA-2024:1862", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1862", }, { name: "RHSA-2024:1864", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1864", }, { name: "RHSA-2024:1866", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1866", }, { name: "RHSA-2024:1867", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1867", }, { name: "RHSA-2024:1868", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1868", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", ], url: "https://access.redhat.com/security/cve/CVE-2023-6544", }, { name: "RHBZ#2253116", tags: [ "issue-tracking", "x_refsource_REDHAT", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2253116", }, ], timeline: [ { lang: "en", time: "2023-12-06T00:00:00+00:00", value: "Reported to Red Hat.", }, { lang: "en", time: "2024-04-16T00:00:00+00:00", value: "Made public.", }, ], title: "Keycloak: authorization bypass", workarounds: [ { lang: "en", value: "No mitigation is currently available for this flaw.", }, ], x_redhatCweChain: "CWE-625: Permissive Regular Expression", }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2023-6544", datePublished: "2024-04-25T15:58:47.204Z", dateReserved: "2023-12-06T05:42:36.249Z", dateUpdated: "2024-11-24T21:10:49.330Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-6717
Vulnerability from cvelistv5
Published
2024-04-25 16:02
Modified
2025-03-15 03:35
Severity ?
EPSS score ?
Summary
A flaw was found in the SAML client registration in Keycloak that could allow an administrator to register malicious JavaScript URIs as Assertion Consumer Service POST Binding URLs (ACS), posing a Cross-Site Scripting (XSS) risk. This issue may allow a malicious admin in one realm or a client with registration access to target users in different realms or applications, executing arbitrary JavaScript in their contexts upon form submission. This can enable unauthorized access and harmful actions, compromising the confidentiality, integrity, and availability of the complete KC instance.
References
| ▼ | URL | Tags |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2024:1353 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2024:1867 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2024:1868 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2024:2945 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2024:4057 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/security/cve/CVE-2023-6717 | vdb-entry, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2253952 | issue-tracking, x_refsource_REDHAT |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ |
Version: 0 Version: 24.0.0 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-6717", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-04-25T19:15:14.697195Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-04T17:16:59.611Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T08:35:14.887Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2024:1867", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1867", }, { name: "RHSA-2024:1868", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1868", }, { name: "RHSA-2024:2945", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:2945", }, { name: "RHSA-2024:4057", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:4057", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2023-6717", }, { name: "RHBZ#2253952", tags: [ "issue-tracking", "x_refsource_REDHAT", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2253952", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://github.com/keycloak/keycloak", defaulStatus: "unaffected", packageName: "keycloak", versions: [ { lessThan: "22.0.10", status: "affected", version: "0", versionType: "maven", }, { lessThan: "24.0.3", status: "affected", version: "24.0.0", versionType: "maven", }, ], }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:amq_broker:7.12", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat AMQ Broker 7", vendor: "Red Hat", }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-operator-bundle", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22.0.10-1", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-rhel9", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22-13", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-rhel9-operator", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22-16", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:build_keycloak:22", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat build of Keycloak 22.0.10", vendor: "Red Hat", }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:openshift_serverless:1.33::el8", ], defaultStatus: "affected", packageName: "openshift-serverless-1/logic-data-index-ephemeral-rhel8", product: "RHOSS-1.33-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "1.33.0-5", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:openshift_serverless:1.33::el8", ], defaultStatus: "affected", packageName: "openshift-serverless-1/logic-data-index-postgresql-rhel8", product: "RHOSS-1.33-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "1.33.0-5", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:openshift_serverless:1.33::el8", ], defaultStatus: "affected", packageName: "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8", product: "RHOSS-1.33-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "1.33.0-5", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:openshift_serverless:1.33::el8", ], defaultStatus: "affected", packageName: "openshift-serverless-1/logic-jobs-service-postgresql-rhel8", product: "RHOSS-1.33-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "1.33.0-5", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:openshift_serverless:1.33::el8", ], defaultStatus: "affected", packageName: "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8", product: "RHOSS-1.33-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "1.33.0-5", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:openshift_serverless:1.33::el8", ], defaultStatus: "affected", packageName: "openshift-serverless-1/logic-operator-bundle", product: "RHOSS-1.33-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "1.33.0-5", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:openshift_serverless:1.33::el8", ], defaultStatus: "affected", packageName: "openshift-serverless-1/logic-rhel8-operator", product: "RHOSS-1.33-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "1.33.0-3", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:openshift_serverless:1.33::el8", ], defaultStatus: "affected", packageName: "openshift-serverless-1/logic-swf-builder-rhel8", product: "RHOSS-1.33-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "1.33.0-5", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:openshift_serverless:1.33::el8", ], defaultStatus: "affected", packageName: "openshift-serverless-1/logic-swf-devmode-rhel8", product: "RHOSS-1.33-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "1.33.0-5", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_bpms_platform:7.13", ], defaultStatus: "unaffected", product: "RHPAM 7.13.5 async", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:migration_toolkit_applications:6", ], defaultStatus: "affected", packageName: "mta/mta-ui-rhel9", product: "Migration Toolkit for Applications 6", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:migration_toolkit_applications:7", ], defaultStatus: "unaffected", packageName: "mta/mta-ui-rhel9", product: "Migration Toolkit for Applications 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:service_registry:2", ], defaultStatus: "affected", packageName: "keycloak", product: "Red Hat build of Apicurio Registry 2", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:quarkus:2", ], defaultStatus: "unaffected", packageName: "org.keycloak/keycloak-core", product: "Red Hat build of Quarkus", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_data_grid:8", ], defaultStatus: "affected", packageName: "keycloak", product: "Red Hat Data Grid 8", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_brms_platform:7", ], defaultStatus: "affected", packageName: "keycloak", product: "Red Hat Decision Manager 7", vendor: "Red Hat", }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:rhdh:1", ], defaultStatus: "affected", packageName: "rhdh-hub-container", product: "Red Hat Developer Hub", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_fuse:7", ], defaultStatus: "affected", packageName: "keycloak", product: "Red Hat Fuse 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:jboss_data_grid:7", ], defaultStatus: "affected", packageName: "keycloak", product: "Red Hat JBoss Data Grid 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:6", ], defaultStatus: "unknown", packageName: "keycloak", product: "Red Hat JBoss Enterprise Application Platform 6", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:6", ], defaultStatus: "unknown", packageName: "org.keycloak-keycloak-parent", product: "Red Hat JBoss Enterprise Application Platform 6", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:6", ], defaultStatus: "unknown", packageName: "rh-sso7-keycloak", product: "Red Hat JBoss Enterprise Application Platform 6", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat JBoss Enterprise Application Platform 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:8", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat JBoss Enterprise Application Platform 8", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:jbosseapxp", ], defaultStatus: "unaffected", packageName: "keycloak", product: "Red Hat JBoss Enterprise Application Platform Expansion Pack", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:openshift_gitops:1", ], defaultStatus: "affected", packageName: "openshift-gitops-1/gitops-rhel8-operator", product: "Red Hat OpenShift GitOps", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_bpms_platform:7", ], defaultStatus: "affected", packageName: "keycloak", product: "Red Hat Process Automation 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:red_hat_single_sign_on:7", ], defaultStatus: "affected", packageName: "keycloak", product: "Red Hat Single Sign-On 7", vendor: "Red Hat", }, ], datePublic: "2024-04-16T00:00:00.000Z", descriptions: [ { lang: "en", value: "A flaw was found in the SAML client registration in Keycloak that could allow an administrator to register malicious JavaScript URIs as Assertion Consumer Service POST Binding URLs (ACS), posing a Cross-Site Scripting (XSS) risk. This issue may allow a malicious admin in one realm or a client with registration access to target users in different realms or applications, executing arbitrary JavaScript in their contexts upon form submission. This can enable unauthorized access and harmful actions, compromising the confidentiality, integrity, and availability of the complete KC instance.", }, ], metrics: [ { other: { content: { namespace: "https://access.redhat.com/security/updates/classification/", value: "Moderate", }, type: "Red Hat severity rating", }, }, { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-15T03:35:00.190Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2024:1353", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1353", }, { name: "RHSA-2024:1867", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1867", }, { name: "RHSA-2024:1868", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1868", }, { name: "RHSA-2024:2945", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:2945", }, { name: "RHSA-2024:4057", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:4057", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", ], url: "https://access.redhat.com/security/cve/CVE-2023-6717", }, { name: "RHBZ#2253952", tags: [ "issue-tracking", "x_refsource_REDHAT", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2253952", }, ], timeline: [ { lang: "en", time: "2023-12-11T00:00:00+00:00", value: "Reported to Red Hat.", }, { lang: "en", time: "2024-04-16T00:00:00+00:00", value: "Made public.", }, ], title: "Keycloak: xss via assertion consumer service url in saml post-binding flow", x_redhatCweChain: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2023-6717", datePublished: "2024-04-25T16:02:03.267Z", dateReserved: "2023-12-12T07:30:43.924Z", dateUpdated: "2025-03-15T03:35:00.190Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-2419
Vulnerability from cvelistv5
Published
2024-04-17 13:23
Modified
2024-11-24 15:26
Severity ?
EPSS score ?
Summary
A flaw was found in Keycloak's redirect_uri validation logic. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to the theft of an access token, making it possible for the attacker to impersonate other users. It is very similar to CVE-2023-6291.
References
| ▼ | URL | Tags |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2024:1867 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/security/cve/CVE-2024-2419 | vdb-entry, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2269371 | issue-tracking, x_refsource_REDHAT |
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ |
Version: 0 ≤ Version: 23.0.0 ≤ |
||||||||||||||||||
|
|||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-2419", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-04-25T19:49:32.838745Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-04T17:30:42.025Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T19:11:53.540Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2024:1867", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1867", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2024-2419", }, { name: "RHBZ#2269371", tags: [ "issue-tracking", "x_refsource_REDHAT", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2269371", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://github.com/keycloak/keycloak", defaultStatus: "unaffected", packageName: "keycloak", versions: [ { lessThan: "22.0.10", status: "affected", version: "0", versionType: "semver", }, { lessThan: "24.0.3", status: "affected", version: "23.0.0", versionType: "semver", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-operator-bundle", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22.0.10-1", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-rhel9", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22-13", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:build_keycloak:22::el9", ], defaultStatus: "affected", packageName: "rhbk/keycloak-rhel9-operator", product: "Red Hat build of Keycloak 22", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "22-16", versionType: "rpm", }, ], }, ], credits: [ { lang: "en", value: "Red Hat would like to thank Taha Marzak for reporting this issue.", }, ], datePublic: "2024-04-16T00:00:00+00:00", descriptions: [ { lang: "en", value: "A flaw was found in Keycloak's redirect_uri validation logic. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to the theft of an access token, making it possible for the attacker to impersonate other users. It is very similar to CVE-2023-6291.", }, ], metrics: [ { other: { content: { namespace: "https://access.redhat.com/security/updates/classification/", value: "Important", }, type: "Red Hat severity rating", }, }, { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-601", description: "URL Redirection to Untrusted Site ('Open Redirect')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-24T15:26:51.363Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2024:1867", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1867", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", ], url: "https://access.redhat.com/security/cve/CVE-2024-2419", }, { name: "RHBZ#2269371", tags: [ "issue-tracking", "x_refsource_REDHAT", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2269371", }, ], timeline: [ { lang: "en", time: "2024-03-13T00:00:00+00:00", value: "Reported to Red Hat.", }, { lang: "en", time: "2024-04-16T00:00:00+00:00", value: "Made public.", }, ], title: "Keycloak: path traversal in the redirect validation", workarounds: [ { lang: "en", value: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", }, ], x_redhatCweChain: "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2024-2419", datePublished: "2024-04-17T13:23:34.652Z", dateReserved: "2024-03-13T13:17:07.809Z", dateUpdated: "2024-11-24T15:26:51.363Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.