CVE-2020-1723
https://notcve.org/view.php?id=CVE-2020-1723
A flaw was found in Keycloak Gatekeeper (Louketo). The logout endpoint can be abused to redirect logged-in users to arbitrary web pages. Affected versions of Keycloak Gatekeeper (Louketo): 6.0.1, 7.0.0 Se ha encontrado un fallo en Keycloak Gatekeeper (Louketo). El punto final de cierre de sesión puede ser abusado para redireccionar a los usuarios conectados a páginas web arbitrarias. Versiones afectadas de Keycloak Gatekeeper (Louketo): 6.0.1, 7.0.0 • https://bugzilla.redhat.com/show_bug.cgi?id=1770276 https://issues.redhat.com/browse/KEYCLOAK-11318 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVE-2020-1725
https://notcve.org/view.php?id=CVE-2020-1725
A flaw was found in keycloak before version 13.0.0. In some scenarios a user still has access to a resource after changing the role mappings in Keycloak and after expiration of the previous access token. Se encontró un fallo en keycloak versiones anteriores a 13.0.0. En algunos escenarios, un usuario aún tiene acceso a un recurso después de cambiar las asignaciones de roles en Keycloak y después de la expiración del token de acceso anterior • https://bugzilla.redhat.com/show_bug.cgi?id=1765129 https://issues.redhat.com/browse/KEYCLOAK-16550 • CWE-863: Incorrect Authorization •
CVE-2020-27826 – keycloak: Account REST API can update user metadata attributes
https://notcve.org/view.php?id=CVE-2020-27826
A flaw was found in Keycloak before version 12.0.0 where it is possible to update the user's metadata attributes using Account REST API. This flaw allows an attacker to change its own NameID attribute to impersonate the admin user for any particular application. Se encontró un fallo en Keycloak versiones anteriores a 12.0.0, donde es posible actualizar los atributos de metadatos del usuario usando la API REST de la cuenta. Este fallo permite a un atacante cambiar su propio atributo NameID para hacerse pasar por el usuario administrador de cualquier aplicación en particular • https://bugzilla.redhat.com/show_bug.cgi?id=1905089 https://access.redhat.com/security/cve/CVE-2020-27826 • CWE-250: Execution with Unnecessary Privileges •
CVE-2020-14302 – keycloak: reusable "state" parameter at redirect_uri endpoint enables possibility of replay attacks
https://notcve.org/view.php?id=CVE-2020-14302
A flaw was found in Keycloak before 13.0.0 where an external identity provider, after successful authentication, redirects to a Keycloak endpoint that accepts multiple invocations with the use of the same "state" parameter. This flaw allows a malicious user to perform replay attacks. Se encontró un fallo en Keycloak versiones anteriores a 13.0.0, donde un proveedor de identidad externo, después de una autenticación con éxito, redirecciona un endpoint hacia Keycloak que acepta múltiples invocaciones con el uso del mismo parámetro "state". Este fallo permite a un usuario malicioso llevar a cabo ataques de reproducción A flaw was found in Keycloak, where an external identity provider, after successful authentication, redirects to a Keycloak endpoint that accepts multiple invocations with the use of the same "state" parameter. This flaw allows a malicious user to perform replay attacks. • https://bugzilla.redhat.com/show_bug.cgi?id=1849584 https://access.redhat.com/security/cve/CVE-2020-14302 • CWE-294: Authentication Bypass by Capture-replay •
CVE-2020-10770 – Keycloak 12.0.1 - 'request_uri ' Blind Server-Side Request Forgery (SSRF) (Unauthenticated)
https://notcve.org/view.php?id=CVE-2020-10770
A flaw was found in Keycloak before 13.0.0, where it is possible to force the server to call out an unverified URL using the OIDC parameter request_uri. This flaw allows an attacker to use this parameter to execute a Server-side request forgery (SSRF) attack. Se encontró un fallo en Keycloak versiones anteriores a 13.0.0, donde es posible forzar al servidor a llamar a una URL no verificada usando el parámetro OIDC request_uri. Este fallo permite a un atacante usar este parámetro para ejecutar un ataque de tipo Server-side request forgery (SSRF) A flaw was found in Keycloak, where it is possible to force the server to call out an unverified URL using the OIDC parameter request_uri. This flaw allows an attacker to use this parameter to execute a Server-side request forgery (SSRF) attack. • https://www.exploit-db.com/exploits/50405 https://github.com/ColdFusionX/Keycloak-12.0.1-CVE-2020-10770 http://packetstormsecurity.com/files/164499/Keycloak-12.0.1-Server-Side-Request-Forgery.html https://bugzilla.redhat.com/show_bug.cgi?id=1846270 https://access.redhat.com/security/cve/CVE-2020-10770 • CWE-918: Server-Side Request Forgery (SSRF) •