6 results (0.009 seconds)

CVSS: 5.4EPSS: 0%CPEs: 15EXPL: 1

CVE-2023-6134 – Keycloak: reflected xss via wildcard in oidc redirect_uri

https://notcve.org/view.php?id=CVE-2023-6134

A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token. This issue could allow an attacker to submit a specially crafted request leading to cross-site scripting (XSS) or further attacks. This flaw is the result of an incomplete fix for CVE-2020-10748. Se encontró una falla en Keycloak que impide ciertos esquemas en las redirecciones, pero los permite si se agrega un comodín al token. Este problema podría permitir que un atacante envíe una solicitud especialmente manipulada que dé lugar a cross-site scripting (XSS) o más ataques. • https://access.redhat.com/errata/RHSA-2023:7854 https://access.redhat.com/errata/RHSA-2023:7855 https://access.redhat.com/errata/RHSA-2023:7856 https://access.redhat.com/errata/RHSA-2023:7857 https://access.redhat.com/errata/RHSA-2023:7858 https://access.redhat.com/errata/RHSA-2023:7860 https://access.redhat.com/errata/RHSA-2023:7861 https://access.redhat.com/errata/RHSA-2024:0798 https://access.redhat.com/errata/RHSA-2024:0799 https://access.redhat.com/errata/RHSA • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.0EPSS: 0%CPEs: 14EXPL: 1

CVE-2023-0264 – keycloak: user impersonation via stolen uuid code

https://notcve.org/view.php?id=CVE-2023-0264

A flaw was found in Keycloaks OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, integrity, and availability. Se ha encontrado un fallo en la autenticación de usuarios en OpenID Connect de Keycloak, que podría autenticar incorrectamente las solicitudes. Un atacante autenticado que pudiera obtener información de una solicitud de usuario dentro del mismo entorno, podría utilizar esos datos para hacerse pasar por la víctima y generar nuevos tokens de sesión. • https://github.com/twwd/CVE-2023-0264 https://access.redhat.com/security/cve/CVE-2023-0264 https://bugzilla.redhat.com/show_bug.cgi?id=2160585 • CWE-287: Improper Authentication CWE-303: Incorrect Implementation of Authentication Algorithm •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2020-10695 – containers/redhat-sso-7: /etc/passwd is given incorrect privileges

https://notcve.org/view.php?id=CVE-2020-10695

An insecure modification flaw in the /etc/passwd file was found in the redhat-sso-7 container. An attacker with access to the container can use this flaw to modify the /etc/passwd and escalate their privileges. Se encontró un fallo de modificación no segura del archivo /etc/passwd en el contenedor redhat-sso-7. Un atacante con acceso al contenedor puede usar este fallo para modificar el archivo /etc/passwd y escalar sus privilegios • https://bugzilla.redhat.com/show_bug.cgi?id=1817530 https://access.redhat.com/security/cve/CVE-2020-10695 • CWE-266: Incorrect Privilege Assignment •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

CVE-2020-10748 – keycloak: top-level navigations to data URLs resulting in XSS are possible (incomplete fix of CVE-2020-1697)

https://notcve.org/view.php?id=CVE-2020-10748

A flaw was found in Keycloak's data filter, in version 10.0.1, where it allowed the processing of data URLs in some circumstances. This flaw allows an attacker to conduct cross-site scripting or further attacks. Se encontró un fallo en el filtro de datos de Keycloak, en versión 10.0.1, donde permitía el procesamiento de las URL de datos en algunas circunstancias. Este fallo permite a un atacante conducir ataques de tipo cross-site scripting o mas ataques A flaw was found in Keycloak's data filter, where it allowed the processing of data URLs in some circumstances. This flaw allows an attacker to conduct cross-site scripting or further attacks. • https://bugzilla.redhat.com/show_bug.cgi?id=1836786 https://access.redhat.com/security/cve/CVE-2020-10748 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 0%CPEs: 60EXPL: 0

CVE-2019-3800 – CF CLI writes the client id and secret to config file

https://notcve.org/view.php?id=CVE-2019-3800

CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. A local authenticated malicious user with access to the CF CLI config file can act as that client, who is the owner of the leaked credentials. La CLI de CF anterior a versión v6.45.0 (versión de lanzamiento bosh 1.16.0), escribe el id y el secreto del cliente hacia su archivo de configuración cuando el usuario se autentica con el flag --client-credentials. Un usuario malicioso autenticado local con acceso al archivo de configuración de la CLI de CF puede actuar como ese cliente, quien es el propietario de las credenciales filtradas. • https://pivotal.io/security/cve-2019-3800 https://www.cloudfoundry.org/blog/cve-2019-3800 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-522: Insufficiently Protected Credentials •