
CVSS: 3.3 | EPSS: 0% | CPEs: 5 | EXPL: 0

18 Jun 2024 — A vulnerability was found in Keycloak. The LDAP testing endpoint allows the Connection URL to be changed without re-entering the currently configured LDAP bind credentials. An attacker with admin access (the manage-realm permission) can therefore point the Connection URL at a host they control; the Keycloak server connects to that host and attempts to bind with the stored credentials, leaking them to the attacker. As a consequence, an attacker who h... • https://access.redhat.com/security/cve/CVE-2024-5967 • CWE-276: Incorrect Default Permissions •
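The underlying mistake is a "test connection" handler that falls back to the saved secret for whatever URL the caller supplies. The example below is added here and is not Keycloak's code: it models the vulnerable fallback next to a hardened variant that only reuses the stored bind credential against the stored Connection URL, and simulates the bind so you can see which host learns which password. `LdapConfig`, `run_test_connection` and the sample URLs and secret are constructed for the illustration; the language is Python rather than Keycloak's Java to keep it self-contained.

```python
from dataclasses import dataclass
from typing import Callable, Optional

# Constructed stand-in for a realm's stored LDAP federation settings (not Keycloak's real model).
@dataclass(frozen=True)
class LdapConfig:
    connection_url: str
    bind_dn: str
    bind_credential: str


class TestEndpointError(Exception):
    """Raised when a test request must not proceed with the stored credential."""


def resolve_bind_vulnerable(stored: LdapConfig, requested_url: str,
                            supplied_password: Optional[str]) -> tuple[str, str]:
    """Vulnerable pattern: reuse the stored bind password against whatever URL the caller sends."""
    password = supplied_password or stored.bind_credential
    return requested_url, password


def resolve_bind_fixed(stored: LdapConfig, requested_url: str,
                       supplied_password: Optional[str]) -> tuple[str, str]:
    """Hardened pattern: the stored secret is only ever sent to the stored Connection URL.
    Testing any other URL requires the caller to re-enter the bind credential explicitly."""
    if supplied_password:
        return requested_url, supplied_password
    if requested_url.strip() != stored.connection_url:
        raise TestEndpointError("Connection URL differs from the saved one; re-enter the bind credential")
    return requested_url, stored.bind_credential


Resolver = Callable[[LdapConfig, str, Optional[str]], tuple[str, str]]


def run_test_connection(stored: LdapConfig, requested_url: str, supplied_password: Optional[str],
                        resolver: Resolver, binds_seen: dict[str, list[str]]) -> str:
    """Simulated 'test connection' handler. Instead of opening a socket, it records in
    binds_seen, per target URL, every password an LDAP simple bind would have carried,
    which is exactly what the operator of that host learns."""
    try:
        url, password = resolver(stored, requested_url, supplied_password)
    except TestEndpointError as exc:
        return f"rejected: {exc}"
    binds_seen.setdefault(url, []).append(password)
    return f"bind attempted against {url}"


if __name__ == "__main__":
    # Constructed sample data.
    stored = LdapConfig("ldaps://ldap.corp.example:636", "cn=svc,dc=corp,dc=example", "s3cret-bind-pw")
    attacker_url = "ldap://attacker.example:389"
    for resolver in (resolve_bind_vulnerable, resolve_bind_fixed):
        seen: dict[str, list[str]] = {}
        print(resolver.__name__, run_test_connection(stored, attacker_url, None, resolver, seen), seen)
```

The check compares the requested URL with the saved one before touching the stored secret; a supplied password is always allowed because the caller already knows it. When running a Keycloak instance, the corresponding operational check is to audit who holds manage-realm and to rotate the LDAP bind credential if that role has been held by anyone untrusted.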

CVSS: 7.8 | EPSS: 0% | CPEs: 4 | EXPL: 0

03 Jun 2024 — A flaw was found in Keycloak's handling of OAuth 2.0 Pushed Authorization Requests (PAR). Client-provided parameters were included in plain text in the KC_RESTART cookie returned in the authorization server's HTTP response to a `request_uri` authorization request, possibly leading to information disclosure. • https://access.redhat.com/errata/RHSA-2024:3566 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.1 | EPSS: 0% | CPEs: 11 | EXPL: 0

02 May 2024 — A vulnerability was found in the Wildfly management interface. The interface places no limit on the number of sockets it accepts, and no maximum number of connections can be configured, so a client can keep opening connections until the process reaches its nofile limit, causing a denial of service. • https://access.redhat.com/security/cve/CVE-2024-4029 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 6.8 | EPSS: 0% | CPEs: 9 | EXPL: 0

25 Apr 2024 — A vulnerability was found in jberet-core logging. An exception raised while handling 'dbProperties' may write the database connection credentials (username and password) to the log. • https://access.redhat.com/errata/RHSA-2024:3580 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-523: Unprotected Transport of Credentials •
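The practitioner's fix for this class of bug is to redact a properties map before it ever reaches an exception message or log record, covering both keys that obviously hold secrets and credentials embedded in connection URLs. The example below is added here and is not jberet-core's code; the property names, the JDBC-style URL and the error text are constructed for the illustration, and the key and URL patterns are assumptions about what a deployment might use.

```python
import re
from typing import Mapping

# Keys whose whole value is a secret (assumed naming; extend for your stack).
SENSITIVE_KEY = re.compile(r"password|passwd|pwd|secret|token|credential", re.IGNORECASE)
# Credentials embedded in connection strings, e.g. ...?user=app&password=hunter2
URL_CRED = re.compile(r"(password|passwd|pwd|secret|token)=([^&;\s]+)", re.IGNORECASE)


def redact_value(value: str) -> str:
    """Mask key=value credentials inside a string (URLs, driver messages)."""
    return URL_CRED.sub(lambda m: m.group(1) + "=***", value)


def redact_properties(props: Mapping[str, str]) -> dict[str, str]:
    """Return a copy safe for logging: secret keys masked, credentials inside other values masked."""
    redacted: dict[str, str] = {}
    for key, value in props.items():
        if SENSITIVE_KEY.search(key):
            redacted[key] = "***"
        else:
            redacted[key] = redact_value(str(value))
    return redacted


def format_config_error(props: Mapping[str, str], exc: BaseException) -> str:
    """Build the message that would go into the log. The exception text is redacted too,
    because database drivers often echo the connection URL back in their errors."""
    return (f"database configuration failed ({redact_value(str(exc))}); "
            f"properties={redact_properties(props)}")


if __name__ == "__main__":
    # Constructed sample properties.
    sample = {
        "url": "jdbc:postgresql://db.internal:5432/app?user=app&password=hunter2&ssl=true",
        "user": "app",
        "password": "hunter2",
    }
    print(format_config_error(sample, RuntimeError("FATAL: password authentication failed for user=app&password=hunter2")))
```

Keep the redaction at the point where the properties are turned into a message rather than relying on every caller to remember it; a denylist of key names is a floor, not a ceiling, so the URL pass is what catches the credential when it is hidden inside an otherwise harmless-looking `url` property.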

CVSS: 7.8 | EPSS: 0% | CPEs: 2 | EXPL: 0

25 Apr 2024 — A flaw was found in Keycloak's re-authentication mechanism in org.keycloak.authentication. An active Keycloak session can be hijacked by triggering a new authentication with the query parameter `prompt=login`, which prompts the user to re-enter their credentials. If the user cancels the re-authentication by selecting "Restart login", an account takeover may occur: the new session, with a different `sub`, holds the same `sid` as the previous session. • https://access.redhat.com/errata/RHSA-2024:1867 • CWE-287: Improper Authentication •

CVSS: 6.4 | EPSS: 0% | CPEs: 23 | EXPL: 0

25 Apr 2024 — A flaw was found in Keycloak's SAML client registration: an administrator can register a `javascript:` URI as an Assertion Consumer Service (ACS) POST Binding URL, creating a Cross-Site Scripting (XSS) risk. A malicious admin in one realm, or a client with registration access, may target users in other realms or applications and execute arbitrary JavaScript in their context when the SAML POST form is submitted. This can enable unauthorized access and harmful actions, compromising... • https://access.redhat.com/errata/RHSA-2024:1867 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.5 | EPSS: 0% | CPEs: 4 | EXPL: 0

25 Apr 2024 — A flaw was found in the Keycloak package: a hardcoded, overly permissive regular expression is used to filter which hosts may register a dynamic client. A malicious user with enough knowledge of the environment could register a client from a host that the Dynamic Client Registration TrustedDomain policy was intended to exclude. • https://access.redhat.com/errata/RHSA-2024:1860 • CWE-625: Permissive Regular Expression •
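Both this entry and the SAML ACS entry above come down to validating client-registration input: the ACS URL must be an absolute URL on an allowlisted scheme (so `javascript:` and `data:` never reach a form `action`), and a trusted-domain rule must be anchored and have its dots escaped, or `example.com` also matches `notexample.com` and `example.com.attacker.net`. The example below is added here and is not Keycloak's code; the permissive pattern illustrates the CWE-625 shape in general and is not the regex the advisory refers to, and the allowed scheme set and sample hosts are assumptions.

```python
import re
from urllib.parse import urlsplit

# Assumption: production ACS endpoints are https only. Add "http" deliberately for local dev.
ALLOWED_ACS_SCHEMES = {"https"}


def is_valid_acs_url(url: str) -> bool:
    """Accept only absolute URLs with an allowlisted scheme and a host.
    Rejects javascript:, data:, scheme-relative (//host) and relative paths."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return False
    return parts.scheme.lower() in ALLOWED_ACS_SCHEMES and bool(parts.hostname)


def permissive_trusted_host_pattern(domain: str) -> re.Pattern:
    """The CWE-625 shape: unanchored and with unescaped metacharacters.
    '.' matches any character and the pattern may match anywhere in the host."""
    return re.compile(domain, re.IGNORECASE)


def strict_trusted_host_pattern(domain: str) -> re.Pattern:
    """Anchored, escaped: the host must be the domain itself or a subdomain of it."""
    return re.compile(r"^(?:[a-z0-9-]+\.)*" + re.escape(domain.lower()) + r"$", re.IGNORECASE)


def host_is_trusted(host: str, domain: str, strict: bool = True) -> bool:
    pattern = strict_trusted_host_pattern(domain) if strict else permissive_trusted_host_pattern(domain)
    return pattern.search(host.strip().lower()) is not None


def validate_registration(acs_url: str, registering_host: str, trusted_domains: list[str]) -> list[str]:
    """Return the list of policy violations for one dynamic-registration request (empty = accept)."""
    problems = []
    if not is_valid_acs_url(acs_url):
        problems.append(f"ACS URL rejected: {acs_url!r}")
    if not any(host_is_trusted(registering_host, d) for d in trusted_domains):
        problems.append(f"host not in trusted domains: {registering_host!r}")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs.
    for host in ("api.example.com", "notexample.com", "example.com.attacker.net", "examplexcom"):
        print(host, "permissive:", host_is_trusted(host, "example.com", strict=False),
              "strict:", host_is_trusted(host, "example.com"))
    print(validate_registration("javascript:alert(document.domain)", "api.example.com", ["example.com"]))
```

`urlsplit` normalises the scheme to lower case and leaves `hostname` empty for `javascript:...`, so the scheme allowlist alone is enough to reject it; the strict host pattern's `[a-z0-9-]+\.` label prefix is what stops `example.com.attacker.net`, because after consuming labels the remainder must end the string at `example.com`.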

CVSS: 7.5 | EPSS: 0% | CPEs: 2 | EXPL: 0

25 Apr 2024 — A flaw was found in Keycloak, which does not correctly validate client step-up authentication in org.keycloak.authentication. A remote user authenticated with a password can register a bogus second factor alongside the existing one and bypass authentication. • https://access.redhat.com/errata/RHSA-2024:1867 • CWE-287: Improper Authentication •

CVSS: 3.4 | EPSS: 0% | CPEs: 3 | EXPL: 0

17 Apr 2024 — A flaw was found in Keycloak: token types are not properly enforced when signatures are validated locally. An authenticated attacker could exchange a logout token for an access token and possibly gain access to data outside the enforced permissions. • https://access.redhat.com/errata/RHSA-2024:1867 • CWE-273: Improper Check for Dropped Privileges •

CVSS: 5.3 | EPSS: 0% | CPEs: 4 | EXPL: 0

17 Apr 2024 — A log injection flaw was found in Keycloak. A text string can be injected through the authentication form when the WebAuthn authentication mode is in use; the impact is limited to the integrity of the logs. • https://access.redhat.com/errata/RHSA-2024:0798 • CWE-117: Improper Output Neutralization for Logs •
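Log injection works because a form value containing a newline is written verbatim, so a line-oriented consumer (grep, a SIEM parser, an auditor) sees a second, forged record. The example below is added here and is not Keycloak's code; it shows the forged record a naive formatter produces from a constructed WebAuthn login attempt, then two neutralisations: escaping control characters in free-text logs, and structured JSON logging, where the encoder escapes `\n` by construction. The event name, field names and forged value are constructed for the illustration.

```python
import json
import re

# C0 control characters and DEL. CR/LF forge new records; the rest can corrupt terminals or parsers.
CONTROL_CHARS = re.compile(r"[\x00-\x1f\x7f]")


def neutralize(value: str) -> str:
    """Escape control characters so a value can never span more than one log record."""
    return CONTROL_CHARS.sub(lambda m: "\\x%02x" % ord(m.group(0)), value)


def log_line_unsafe(event: str, **fields) -> str:
    """Vulnerable formatter: user-controlled values are concatenated as-is."""
    return event + " " + " ".join(f"{k}={v}" for k, v in fields.items())


def log_line_neutralized(event: str, **fields) -> str:
    """Same text format, with every value passed through neutralize()."""
    return event + " " + " ".join(f"{k}={neutralize(str(v))}" for k, v in fields.items())


def log_line_json(event: str, **fields) -> str:
    """Structured alternative: json.dumps escapes newlines, so the record is always one line."""
    return json.dumps({"event": event, **fields})


def records(text: str) -> list[str]:
    """What a line-oriented log consumer sees."""
    return text.split("\n")


if __name__ == "__main__":
    # Constructed attacker-controlled value: a username with an embedded forged success record.
    forged = "alice\nWEBAUTHN_LOGIN user=admin status=SUCCESS"
    for fmt in (log_line_unsafe, log_line_neutralized, log_line_json):
        line = fmt("WEBAUTHN_LOGIN", user=forged, status="FAILED")
        print(fmt.__name__, "->", records(line))
```

Neutralising at the formatter, not at each call site, is the only approach that survives the next developer adding a log statement; structured logging gets the same property for free and keeps the original value recoverable.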