CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2020-1697 – keycloak: stored XSS in client settings via application links
https://notcve.org/view.php?id=CVE-2020-1697
10 Feb 2020 — It was found in all keycloak versions before 9.0.0 that links to external applications (Application Links) in the admin console are not validated properly and could allow Stored XSS attacks. An authed malicious user could create URLs to trick users in other realms, and possibly conduct further attacks. Se encontró en todas las versiones de keycloak anteriores a 9.0.0 que los enlaces de aplicaciones externas (Application Links) en la consola de administración no están validados apropiadamente y podrían permi... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1697 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-14910
https://notcve.org/view.php?id=CVE-2019-14910
05 Dec 2019 — A vulnerability was found in keycloak 7.x, when keycloak is configured with LDAP user federation and StartTLS is used instead of SSL/TLS from the LDAP server (ldaps), in this case user authentication succeeds even if invalid password has entered. Se encontró una vulnerabilidad en keycloak versiones 7.x, cuando keycloak es configurado con LDAP user federation y StartTLS es usado en lugar de SSL/TLS desde el servidor LDAP (ldaps), en este caso la autenticación del usuario tiene éxito inclusive si una contrase... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14910 • CWE-287: Improper Authentication CWE-295: Improper Certificate Validation CWE-305: Authentication Bypass by Primary Weakness CWE-592: DEPRECATED: Authentication Bypass Issues •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-14909
https://notcve.org/view.php?id=CVE-2019-14909
04 Dec 2019 — A vulnerability was found in Keycloak 7.x where the user federation LDAP bind type is none (LDAP anonymous bind), any password, invalid or valid will be accepted. Se encontró una vulnerabilidad en Keycloak versiones 7.x donde un tipo de enlace de user federation LDAP es none (enlace anónimo LDAP), y será aceptada cualquier contraseña, no válida o válida. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14909 • CWE-287: Improper Authentication CWE-305: Authentication Bypass by Primary Weakness CWE-592: DEPRECATED: Authentication Bypass Issues •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 1CVE-2019-14837 – keycloak: keycloak uses hardcoded open dummy domain for new accounts enabling information disclosure
https://notcve.org/view.php?id=CVE-2019-14837
02 Dec 2019 — A flaw was found in keycloack before version 8.0.0. The owner of 'placeholder.org' domain can setup mail server on this domain and knowing only name of a client can reset password and then log in. For example, for client name 'test' the email address will be 'service-account-test@placeholder.org'. Se encontró un fallo en keycloack versiones anteriores a la versión 8.0.0. El propietario del dominio "placeholder.org" puede configurar el servidor de correo sobre este dominio y conociendo solo el nombre de un c... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14837 • CWE-547: Use of Hard-coded, Security-relevant Constants CWE-798: Use of Hard-coded Credentials •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0CVE-2019-14820 – keycloak: adapter endpoints are exposed via arbitrary URLs
https://notcve.org/view.php?id=CVE-2019-14820
14 Oct 2019 — It was found that keycloak before version 8.0.0 exposes internal adapter endpoints in org.keycloak.constants.AdapterConstants, which can be invoked via a specially-crafted URL. This vulnerability could allow an attacker to access unauthorized information. Se descubrió que keycloak versiones anteriores la versión 8.0.0, expone los endpoints del adaptador interno en org.keycloak.constants.AdapterConstants, que pueden ser invocadas por medio de una URL especialmente diseñada. Esta vulnerabilidad podría permiti... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14820 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-14832 – keycloak: cross-realm user access auth bypass
https://notcve.org/view.php?id=CVE-2019-14832
14 Oct 2019 — A flaw was found in the Keycloak REST API before version 8.0.0 where it would permit user access from a realm the user was not configured. An authenticated attacker with knowledge of a user id could use this flaw to access unauthorized information or to carry out further attacks. Se encontró un fallo en la API REST de Keycloak anterior a la versión 8.0.0, donde se permitiría el acceso del usuario desde un dominio en el que el usuario no fue configurado. Un atacante autenticado con conocimiento de un id de u... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14832 • CWE-863: Incorrect Authorization •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2017-2582 – keycloak: SAML request parser replaces special strings with system properties
https://notcve.org/view.php?id=CVE-2017-2582
26 Sep 2017 — It was found that while parsing the SAML messages the StaxParserUtil class of keycloak before 2.5.1 replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the "InResponseTo" field in the response. Se ha descubierto que cuando se analizan los mensajes SAML, la clase StaxParserUtil de keycloak en ... • http://www.securityfocus.com/bid/101046 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-8627 – admin-cli: Potential EAP resource starvation DOS attack via GET requests for server log files
https://notcve.org/view.php?id=CVE-2016-8627
19 Jan 2017 — admin-cli before versions 3.0.0.alpha25, 2.2.1.cr2 is vulnerable to an EAP feature to download server log files that allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user's browser to request the log files consuming enough resources that normal server functioning could be impaired. admin-cli, en versiones anteriores a la 3.0.0.alpha25 y 2.2.1.cr2, es vulnerable a que una característica EAP descargue archivos de registro del servidor, ... • http://rhn.redhat.com/errata/RHSA-2017-0170.html • CWE-400: Uncontrolled Resource Consumption •