CVE-2019-14820 – keycloak: adapter endpoints are exposed via arbitrary URLs
https://notcve.org/view.php?id=CVE-2019-14820
It was found that keycloak before version 8.0.0 exposes internal adapter endpoints in org.keycloak.constants.AdapterConstants, which can be invoked via a specially-crafted URL. This vulnerability could allow an attacker to access unauthorized information. Se descubrió que keycloak versiones anteriores la versión 8.0.0, expone los endpoints del adaptador interno en org.keycloak.constants.AdapterConstants, que pueden ser invocadas por medio de una URL especialmente diseñada. Esta vulnerabilidad podría permitir a un atacante acceder a información no autorizada. It was found that keycloak exposes internal adapter endpoints in org.keycloak.constants.AdapterConstants, which can be invoked via a specially-crafted URL. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14820 https://access.redhat.com/security/cve/CVE-2019-14820 https://bugzilla.redhat.com/show_bug.cgi?id=1649870 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2019-14832 – keycloak: cross-realm user access auth bypass
https://notcve.org/view.php?id=CVE-2019-14832
A flaw was found in the Keycloak REST API before version 8.0.0 where it would permit user access from a realm the user was not configured. An authenticated attacker with knowledge of a user id could use this flaw to access unauthorized information or to carry out further attacks. Se encontró un fallo en la API REST de Keycloak anterior a la versión 8.0.0, donde se permitiría el acceso del usuario desde un dominio en el que el usuario no fue configurado. Un atacante autenticado con conocimiento de un id de usuario podría usar este fallo para acceder a información no autorizada o llevar a cabo futuros ataques. A flaw was found in the Keycloak REST API where it would permit user access from a realm the user was not configured. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14832 https://access.redhat.com/security/cve/CVE-2019-14832 https://bugzilla.redhat.com/show_bug.cgi?id=1749487 • CWE-863: Incorrect Authorization •
CVE-2019-10201 – keycloak: SAML broker does not check existence of signature on document allowing any user impersonation
https://notcve.org/view.php?id=CVE-2019-10201
It was found that Keycloak's SAML broker, versions up to 6.0.1, did not verify missing message signatures. If an attacker modifies the SAML Response and removes the <Signature> sections, the message is still accepted, and the message can be modified. An attacker could use this flaw to impersonate other users and gain access to sensitive information. Se detectó que el broker SAML de Keycloak, versiones hasta 6.0.1, no comprobaba la falta de firmas de mensajes. Si un atacante modifica la Respuesta SAML y elimina las secciones (Signature), el mensaje sigue siendo aceptado y el mensaje puede ser modificado. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10201 https://access.redhat.com/security/cve/CVE-2019-10201 https://bugzilla.redhat.com/show_bug.cgi?id=1728609 • CWE-287: Improper Authentication CWE-347: Improper Verification of Cryptographic Signature CWE-592: DEPRECATED: Authentication Bypass Issues •
CVE-2019-10199 – keycloak: CSRF check missing in My Resources functionality in the Account Console
https://notcve.org/view.php?id=CVE-2019-10199
It was found that Keycloak's account console, up to 6.0.1, did not perform adequate header checks in some requests. An attacker could use this flaw to trick an authenticated user into performing operations via request from an untrusted domain. Se detectó que la consola de cuenta de Keycloak, versiones hasta 6.0.1, no realizaba comprobaciones de encabezado adecuadas en algunas peticiones. Un atacante podría usar este fallo para engañar a un usuario autenticado para que realice operaciones por medio de una petición desde un dominio no confiable. It was found that Keycloak's account console did not perform adequate header checks in some requests. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10199 https://access.redhat.com/security/cve/CVE-2019-10199 https://bugzilla.redhat.com/show_bug.cgi?id=1729261 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2019-3875 – keycloak: missing signatures validation on CRL used to verify client certificates
https://notcve.org/view.php?id=CVE-2019-3875
A vulnerability was found in keycloak before 6.0.2. The X.509 authenticator supports the verification of client certificates through the CRL, where the CRL list can be obtained from the URL provided in the certificate itself (CDP) or through the separately configured path. The CRL are often available over the network through unsecured protocols ('http' or 'ldap') and hence the caller should verify the signature and possibly the certification path. Keycloak currently doesn't validate signatures on CRL, which can result in a possibility of various attacks like man-in-the-middle. Se encontró una vulnerabilidad en keycloak versión anterior a 6.0.2. • http://www.securityfocus.com/bid/108748 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3875 https://access.redhat.com/security/cve/CVE-2019-3875 https://bugzilla.redhat.com/show_bug.cgi?id=1690628 • CWE-295: Improper Certificate Validation CWE-345: Insufficient Verification of Data Authenticity •