CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10199 – keycloak: CSRF check missing in My Resources functionality in the Account Console
https://notcve.org/view.php?id=CVE-2019-10199
14 Aug 2019 — It was found that Keycloak's account console, up to 6.0.1, did not perform adequate header checks in some requests. An attacker could use this flaw to trick an authenticated user into performing operations via request from an untrusted domain. Se detectó que la consola de cuenta de Keycloak, versiones hasta 6.0.1, no realizaba comprobaciones de encabezado adecuadas en algunas peticiones. Un atacante podría usar este fallo para engañar a un usuario autenticado para que realice operaciones por medio de una pe... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10199 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0CVE-2019-10201 – keycloak: SAML broker does not check existence of signature on document allowing any user impersonation
https://notcve.org/view.php?id=CVE-2019-10201
14 Aug 2019 — It was found that Keycloak's SAML broker, versions up to 6.0.1, did not verify missing message signatures. If an attacker modifies the SAML Response and removes the
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-10157 – keycloak: Node.js adapter internal NBF can be manipulated leading to DoS.
https://notcve.org/view.php?id=CVE-2019-10157
11 Jun 2019 — It was found that Keycloak's Node.js adapter before version 4.8.3 did not properly verify the web token received from the server in its backchannel logout . An attacker with local access could use this to construct a malicious web token setting an NBF parameter that could prevent user access indefinitely. Se encontró que el adaptador Node.js de Keycloak antes de la versión 4.8.3 no verificó correctamente el token web recibido del servidor en su cierre de sesión de backchannel. Un atacante con acceso local p... • http://www.securityfocus.com/bid/108734 • CWE-287: Improper Authentication CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-3875 – keycloak: missing signatures validation on CRL used to verify client certificates
https://notcve.org/view.php?id=CVE-2019-3875
11 Jun 2019 — A vulnerability was found in keycloak before 6.0.2. The X.509 authenticator supports the verification of client certificates through the CRL, where the CRL list can be obtained from the URL provided in the certificate itself (CDP) or through the separately configured path. The CRL are often available over the network through unsecured protocols ('http' or 'ldap') and hence the caller should verify the signature and possibly the certification path. Keycloak currently doesn't validate signatures on CRL, which... • http://www.securityfocus.com/bid/108748 • CWE-295: Improper Certificate Validation CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3868 – keycloak: session hijack using the user access token
https://notcve.org/view.php?id=CVE-2019-3868
23 Apr 2019 — Keycloak up to version 6.0.0 allows the end user token (access or id token JWT) to be used as the session cookie for browser sessions for OIDC. As a result an attacker with access to service provider backend could hijack user’s browser session. Keycloak hasta la versión 6.0.0 permite utilizar el token de usuario final (JWT de token de acceso o id) como cookie de sesión para sesiones de navegador para OIDC. Como resultado, un atacante con acceso al backend del proveedor de servicios podría secuestrar la sesi... • http://www.securityfocus.com/bid/108061 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-14637 – keycloak: expiration not validated in SAML broker consumer endpoint
https://notcve.org/view.php?id=CVE-2018-14637
30 Nov 2018 — The SAML broker consumer endpoint in Keycloak before version 4.6.0.Final ignores expiration conditions on SAML assertions. An attacker can exploit this vulnerability to perform a replay attack. El endpoint del cliente del bróker SAML en Keycloak en versiones anteriores a la 4.6.0.Final ignora las condiciones de expiración en las aserciones SAML. Un atacante podría explotar esta vulnerabilidad para realizar un ataque de repetición. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14637 • CWE-285: Improper Authorization CWE-287: Improper Authentication •
CVSS: 8.1EPSS: 0%CPEs: 7EXPL: 0CVE-2018-14657 – keycloak: brute force protection not working for the entire login workflow
https://notcve.org/view.php?id=CVE-2018-14657
13 Nov 2018 — A flaw was found in Keycloak 4.2.1.Final, 4.3.0.Final. When TOPT enabled, an improper implementation of the Brute Force detection algorithm will not enforce its protection measures. Se ha descubierto un error en Keycloak 4.2.1.Final y 4.3.0.Final. Cuando TOPT está habilitado, la implementación incorrecta del algoritmo de detección de fuerza bruta no aplica sus medidas de protección. Red Hat Single Sign-On 7.2 is a standalone server, based on the Keycloak project, that provides authentication and standards-b... • https://access.redhat.com/errata/RHSA-2018:3592 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-14658 – keycloak: Open Redirect in Login and Logout
https://notcve.org/view.php?id=CVE-2018-14658
13 Nov 2018 — A flaw was found in JBOSS Keycloak 3.2.1.Final. The Redirect URL for both Login and Logout are not normalized in org.keycloak.protocol.oidc.utils.RedirectUtils before the redirect url is verified. This can lead to an Open Redirection attack Se ha descubierto un problema en JBOSS Keycloak 3.2.1.Final. La URL de redirección para el inicio y el cierre de sesión no se normalizan en org.keycloak.protocol.oidc.utils.RedirectUtils antes de que se verifique la URL de redirección. Esto puede conducir a un ataque de ... • https://access.redhat.com/errata/RHSA-2018:3592 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 5.4EPSS: 0%CPEs: 8EXPL: 0CVE-2018-14655 – keycloak: XSS-Vulnerability with response_mode=form_post
https://notcve.org/view.php?id=CVE-2018-14655
13 Nov 2018 — A flaw was found in Keycloak 3.4.3.Final, 4.0.0.Beta2, 4.3.0.Final. When using 'response_mode=form_post' it is possible to inject arbitrary Javascript-Code via the 'state'-parameter in the authentication URL. This allows an XSS-Attack upon succesfully login. Se ha descubierto un error en Keycloak 3.4.3.Final, 4.0.0.Beta2 y 4.3.0.Final. Al emplear "response_mode=form_post", es posible inyectar código JavaScript arbitrario mediante el parámetro "state" en la URL de autenticación. • https://access.redhat.com/errata/RHSA-2018:3592 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-10894 – keycloak: auth permitted with expired certs in SAML client
https://notcve.org/view.php?id=CVE-2018-10894
01 Aug 2018 — It was found that SAML authentication in Keycloak 3.4.3.Final incorrectly authenticated expired certificates. A malicious user could use this to access unauthorized data or possibly conduct further attacks. Se ha descubierto que la autenticación SAML en Keycloak 3.4.3.Final autenticaba incorrectamente los certificados caducados. Un usuario malicioso podría aprovecharse de esto para acceder a datos no autorizados o, posiblemente, llevar a cabo más ataques. Red Hat OpenShift Application Runtimes provides an a... • https://access.redhat.com/errata/RHSA-2018:3592 • CWE-295: Improper Certificate Validation CWE-345: Insufficient Verification of Data Authenticity •