CVE-2020-1723
https://notcve.org/view.php?id=CVE-2020-1723
A flaw was found in Keycloak Gatekeeper (Louketo). The logout endpoint can be abused to redirect logged-in users to arbitrary web pages. Affected versions of Keycloak Gatekeeper (Louketo): 6.0.1, 7.0.0
• https://bugzilla.redhat.com/show_bug.cgi?id=1770276 https://issues.redhat.com/browse/KEYCLOAK-11318
• CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CVE-2017-12161
https://notcve.org/view.php?id=CVE-2017-12161
It was found that Keycloak before 3.4.2.Final would permit misuse of a client-side /etc/hosts entry to spoof a URL in a password reset request. An attacker could use this flaw to craft a malicious password reset request and obtain a valid reset token, leading to information disclosure or further attacks.
• https://bugzilla.redhat.com/show_bug.cgi?id=1484564 https://github.com/keycloak/keycloak-documentation/pull/268/commits/a2b58aadee42af2c375b72e86dffc2cf23cc3770
• CWE-602: Client-Side Enforcement of Server-Side Security CWE-640: Weak Password Recovery Mechanism for Forgotten Password
CVE-2017-15111 – keycloak-httpd-client-install: unsafe /tmp log file in --log-file option in keycloak_cli.py
https://notcve.org/view.php?id=CVE-2017-15111
keycloak-httpd-client-install versions before 0.8 create a temporary file insecurely, allowing local attackers to overwrite other files via a symbolic link. It was discovered that keycloak-httpd-client-install uses a predictable log file name in /tmp. A local attacker could create a symbolic link to a sensitive location, possibly causing data corruption or denial of service.
• https://access.redhat.com/errata/RHSA-2019:2137 https://github.com/jdennis/keycloak-httpd-client-install/commit/07f26e213196936fb328ea0c1d5a66a09d8b5440 https://access.redhat.com/security/cve/CVE-2017-15111 https://bugzilla.redhat.com/show_bug.cgi?id=1511623
• CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-377: Insecure Temporary File
CVE-2017-15112 – keycloak-httpd-client-install: unsafe use of -p/--admin-password on command line
https://notcve.org/view.php?id=CVE-2017-15112
keycloak-httpd-client-install versions before 0.8 allow users to pass the password insecurely on the command line, leaking it via command history and process information to other local users. In keycloak-httpd-client-install prior to version 0.8, the admin password could be provided through a command-line argument. This might result in the password being leaked through shell history, or becoming visible to a local attacker while the program is running.
• https://access.redhat.com/errata/RHSA-2019:2137 https://github.com/jdennis/keycloak-httpd-client-install/commit/c3121b271abaaa1a76de2b9ae89dacde0105cd75 https://access.redhat.com/security/cve/CVE-2017-15112 https://bugzilla.redhat.com/show_bug.cgi?id=1511626
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2014-3651
https://notcve.org/view.php?id=CVE-2014-3651
JBoss KeyCloak before 1.0.3.Final allows remote attackers to cause a denial of service (resource consumption) via a large value in the size parameter to auth/qrcode, related to QR code generation.
• https://bugzilla.redhat.com/show_bug.cgi?id=1144278 https://issues.jboss.org/browse/KEYCLOAK-699
• CWE-400: Uncontrolled Resource Consumption