CVE-2020-1714 – keycloak: Lack of checks in ObjectInputStream leading to Remote Code Execution
https://notcve.org/view.php?id=CVE-2020-1714
A flaw was found in Keycloak before version 11.0.0, where the code base contains usages of ObjectInputStream without type checks. This flaw allows an attacker to inject arbitrarily serialized Java Objects, which would then get deserialized in a privileged context and potentially lead to remote code execution. Se detectó un fallo en Keycloak versiones anteriores a 11.0.0, donde la base de código contiene usos de la función ObjectInputStream sin ningún tipo de comprobaciones. Este fallo permite a un atacante inyectar Objetos Java serializados arbitrariamente, que luego se deserializarán en un contexto privilegiado y conlleva potencialmente a una ejecución de código remota. A flaw was found in Keycloak, where the code base contains usages of ObjectInputStream without type checks. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1714 https://github.com/keycloak/keycloak/pull/7053 https://access.redhat.com/security/cve/CVE-2020-1714 https://bugzilla.redhat.com/show_bug.cgi?id=1705975 • CWE-20: Improper Input Validation •
CVE-2020-1718 – keycloak: security issue on reset credential flow
https://notcve.org/view.php?id=CVE-2020-1718
A flaw was found in the reset credential flow in all Keycloak versions before 8.0.0. This flaw allows an attacker to gain unauthorized access to the application. Se encontró un fallo en el flujo de restablecimiento de credenciales en todas las versiones de Keycloak versiones anteriores a 8.0.0. Este fallo permite a un atacante obtener acceso no autorizado a la aplicación. A flaw was found in the reset credential flow in Keycloak. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1718 https://access.redhat.com/security/cve/CVE-2020-1718 https://bugzilla.redhat.com/show_bug.cgi?id=1796756 • CWE-287: Improper Authentication •
CVE-2020-1757 – undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass
https://notcve.org/view.php?id=CVE-2020-1757
A flaw was found in all undertow-2.x.x SP1 versions prior to undertow-2.0.30.SP1, all undertow-1.x.x and undertow-2.x.x versions prior to undertow-2.1.0.Final, where the Servlet container causes servletPath to normalize incorrectly by truncating the path after semicolon which may lead to an application mapping resulting in the security bypass. Se encontró un fallo en todas las versiones undertow-2.x.x SP1 anteriores a undertow-2.0.30.SP1, en todas las versiones undertow-1.x.x y versiones undertow-2.x.x anteriores a undertow-2.1.0.Final, donde el contenedor de servlets causa que servletPath se normalice incorrectamente al truncar la ruta después del punto y coma, lo que puede conllevar a un mapeo de la aplicación resultando en la omisión de la seguridad. A flaw was found in Undertow, where the servlet container causes the servletPath to normalize incorrectly by truncating the path after the semicolon. The flaw may lead to application mapping, resulting in a security bypass. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1757 https://access.redhat.com/security/cve/CVE-2020-1757 https://bugzilla.redhat.com/show_bug.cgi?id=1752770 • CWE-20: Improper Input Validation CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2019-14887 – wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use
https://notcve.org/view.php?id=CVE-2019-14887
A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption. This could lead to a leak of the data being passed over the network. Wildfly version 7.2.0.GA, 7.2.3.GA and 7.2.5.CR2 are believed to be vulnerable. Se detectó un fallo cuando un proveedor de seguridad OpenSSL es usado con Wildfly, el valor de "enabled-protocols" en la configuración de Wildfly no es respetado. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14887 https://issues.redhat.com/browse/JBEAP-17965 https://security.netapp.com/advisory/ntap-20200327-0007 https://access.redhat.com/security/cve/CVE-2019-14887 https://bugzilla.redhat.com/show_bug.cgi?id=1772008 • CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') •
CVE-2019-14888 – undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS
https://notcve.org/view.php?id=CVE-2019-14888
A vulnerability was found in the Undertow HTTP server in versions before 2.0.28.SP1 when listening on HTTPS. An attacker can target the HTTPS port to carry out a Denial Of Service (DOS) to make the service unavailable on SSL. Se detectó una vulnerabilidad en el servidor HTTP Undertow en versiones anteriores a 2.0.28.SP1, al escuchar sobre HTTPS. Un atacante puede apuntar al puerto HTTPS para llevar a cabo una Denegación de Servicio (DOS) para hacer que el servicio no esté disponible en SSL. A vulnerability was found in the Undertow HTTP server listening on HTTPS. • https://access.redhat.com/errata/RHSA-2020:0729 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14888 https://security.netapp.com/advisory/ntap-20220211-0001 https://access.redhat.com/security/cve/CVE-2019-14888 https://bugzilla.redhat.com/show_bug.cgi?id=1772464 • CWE-400: Uncontrolled Resource Consumption •