CVE-2023-1664 – keycloak: Untrusted Certificate Validation
https://notcve.org/view.php?id=CVE-2023-1664
A flaw was found in Keycloak. This flaw requires the non-default configuration option "Revalidate Client Certificate" to be enabled and a reverse proxy that does not validate the client certificate before passing it to Keycloak. In that setup an attacker may choose the certificate that the server will validate. If this happens and the KC_SPI_TRUSTSTORE_FILE_FILE variable is missing or misconfigured, any trust file may be accepted, and the server logs the message "Cannot validate client certificate trust: Truststore not available". This may not impact availability, as the attacker would have no access to the server, but the integrity or confidentiality of consumer applications may be impacted, considering the possible access to them.
References: https://bugzilla.redhat.com/show_bug.cgi?id=2182196&comment#0 https://access.redhat.com/security/cve/CVE-2023-1664 https://bugzilla.redhat.com/show_bug.cgi?id=2182196
CWE: CWE-295: Improper Certificate Validation
CVE-2022-2237 – Adapter: Open redirect vulnerability in checkSSO
https://notcve.org/view.php?id=CVE-2022-2237
A flaw was found in the Keycloak Node.js Adapter. This flaw allows an attacker to exploit an open redirect vulnerability in the checkSso function.
References: https://bugzilla.redhat.com/show_bug.cgi?id=2097007 https://access.redhat.com/security/cve/CVE-2022-2237
CWE: CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CVE-2022-1274 – keycloak: HTML injection in execute-actions-email Admin REST API
https://notcve.org/view.php?id=CVE-2022-1274
A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform phishing or other attacks against those users.
References: https://bugzilla.redhat.com/show_bug.cgi?id=2073157 https://github.com/keycloak/keycloak/security/advisories/GHSA-m4fv-gm5m-4725 https://herolab.usd.de/security-advisories/usd-2021-0033 https://access.redhat.com/security/cve/CVE-2022-1274
CWE: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'); CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
CVE-2022-1438 – Keycloak: xss on impersonation under specific circumstances
https://notcve.org/view.php?id=CVE-2022-1438
A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a cross-site scripting (XSS) vulnerability.
References: https://access.redhat.com/errata/RHSA-2023:1043 https://access.redhat.com/errata/RHSA-2023:1044 https://access.redhat.com/errata/RHSA-2023:1045 https://access.redhat.com/errata/RHSA-2023:1047 https://access.redhat.com/errata/RHSA-2023:1049 https://access.redhat.com/security/cve/CVE-2022-1438 https://bugzilla.redhat.com/show_bug.cgi?id=2031904
CWE: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2023-0105 – keycloak: impersonation and lockout possible through incorrect handling of email trust
https://notcve.org/view.php?id=CVE-2023-0105
A flaw was found in Keycloak. This flaw allows impersonation and lockout because email trust is not handled correctly in Keycloak. An attacker can shadow other users who have the same email address and lock them out or impersonate them.
References: https://access.redhat.com/security/cve/CVE-2023-0105 https://bugzilla.redhat.com/show_bug.cgi?id=2158910
CWE: CWE-287: Improper Authentication; CWE-841: Improper Enforcement of Behavioral Workflow