CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 0CVE-2022-4039 – Rhsso-container-image: unsecured management interface exposed to adjecent network
https://notcve.org/view.php?id=CVE-2022-4039
A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. This flaw allows an attacker to use this interface to deploy malicious code and access and modify potentially sensitive information in the app server configuration. Se encontró una falla en Red Hat Single Sign-On para imágenes de contenedores OpenShift, que están configuradas con una interfaz de administración no segura habilitada. Esta falla permite a un atacante usar esta interfaz para implementar código malicioso y acceder y modificar información potencialmente sensible en la configuración del servidor de aplicaciones. • https://access.redhat.com/errata/RHSA-2023:1047 https://access.redhat.com/security/cve/CVE-2022-4039 https://bugzilla.redhat.com/show_bug.cgi?id=2143416 • CWE-276: Incorrect Default Permissions •
CVSS: 5.0EPSS: 0%CPEs: 14EXPL: 1CVE-2023-0264 – keycloak: user impersonation via stolen uuid code
https://notcve.org/view.php?id=CVE-2023-0264
A flaw was found in Keycloaks OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, integrity, and availability. Se ha encontrado un fallo en la autenticación de usuarios en OpenID Connect de Keycloak, que podría autenticar incorrectamente las solicitudes. Un atacante autenticado que pudiera obtener información de una solicitud de usuario dentro del mismo entorno, podría utilizar esos datos para hacerse pasar por la víctima y generar nuevos tokens de sesión. • https://github.com/twwd/CVE-2023-0264 https://access.redhat.com/security/cve/CVE-2023-0264 https://bugzilla.redhat.com/show_bug.cgi?id=2160585 • CWE-287: Improper Authentication CWE-303: Incorrect Implementation of Authentication Algorithm •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-1664 – keycloak: Untrusted Certificate Validation
https://notcve.org/view.php?id=CVE-2023-1664
A flaw was found in Keycloak. This flaw depends on a non-default configuration "Revalidate Client Certificate" to be enabled and the reverse proxy is not validating the certificate before Keycloak. Using this method an attacker may choose the certificate which will be validated by the server. If this happens and the KC_SPI_TRUSTSTORE_FILE_FILE variable is missing/misconfigured, any trustfile may be accepted with the logging information of "Cannot validate client certificate trust: Truststore not available". This may not impact availability as the attacker would have no access to the server, but consumer applications Integrity or Confidentiality may be impacted considering a possible access to them. • https://bugzilla.redhat.com/show_bug.cgi?id=2182196&comment#0 https://access.redhat.com/security/cve/CVE-2023-1664 https://bugzilla.redhat.com/show_bug.cgi?id=2182196 • CWE-295: Improper Certificate Validation •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-2237 – Adapter: Open redirect vulnerability in checkSSO
https://notcve.org/view.php?id=CVE-2022-2237
A flaw was found in the Keycloak Node.js Adapter. This flaw allows an attacker to benefit from an Open Redirect vulnerability in the checkSso function. • https://bugzilla.redhat.com/show_bug.cgi?id=2097007 https://access.redhat.com/security/cve/CVE-2022-2237 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2022-4492 – undertow: Server identity in https connection is not checked by the undertow client
https://notcve.org/view.php?id=CVE-2022-4492
The undertow client is not checking the server identity presented by the server certificate in https connections. This is a compulsory step (at least it should be performed by default) in https and in http/2. I would add it to any TLS client protocol. A flaw was found in undertow. The undertow client is not checking the server identity the server certificate presents in HTTPS connections. • https://access.redhat.com/security/cve/CVE-2022-4492 https://bugzilla.redhat.com/show_bug.cgi?id=2153260 https://security.netapp.com/advisory/ntap-20230324-0002 • CWE-550: Server-generated Error Message Containing Sensitive Information •