CVE-2020-10758 – keycloak: DoS by sending multiple simultaneous requests with a Content-Length header value greater than actual byte count of request body
https://notcve.org/view.php?id=CVE-2020-10758
A vulnerability was found in Keycloak before 11.0.1 where DoS attack is possible by sending twenty requests simultaneously to the specified keycloak server, all with a Content-Length header value that exceeds the actual byte count of the request body. Se encontró una vulnerabilidad en Keycloak versiones anteriores a 11.0.1, donde el ataque de DoS es posible mediante el envío de veinte peticiones simultáneamente hacia el servidor de keycloak especificado, todas con un valor de encabezado Content-Length que excede el conteo de bytes real del cuerpo de la petición A flaw was found in Keycloak. This flaw allows an attacker to perform a denial of service attack by sending multiple simultaneous requests with a Content-Length header value greater than the actual byte count of the request body. The highest threat from this vulnerability is to system availability. • https://bugzilla.redhat.com/show_bug.cgi?id=1843849 https://github.com/keycloak/keycloak/commit/bee4ca89897766c4b68856eafe14f1a3dad34251 https://access.redhat.com/security/cve/CVE-2020-10758 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2020-1694 – keycloak: verify-token-audience support is missing in the NodeJS adapter
https://notcve.org/view.php?id=CVE-2020-1694
A flaw was found in all versions of Keycloak before 10.0.0, where the NodeJS adapter did not support the verify-token-audience. This flaw results in some users having access to sensitive information outside of their permissions. Se encontró un fallo en todas las versiones de Keycloak versiones anteriores a 10.0.0, donde el adaptador NodeJS no admitía la verify-token-audience. Este fallo hace que algunos usuarios tengan acceso a información confidencial fuera de sus permisos A flaw was found in Keycloak, where the NodeJS adapter did not support the verify-token-audience. This flaw results in some users having access to sensitive information outside of their permissions. • https://bugzilla.redhat.com/show_bug.cgi?id=1790759 https://access.redhat.com/security/cve/CVE-2020-1694 • CWE-183: Permissive List of Allowed Inputs CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2020-1727 – keycloak: missing input validation in IDP authorization URLs
https://notcve.org/view.php?id=CVE-2020-1727
A vulnerability was found in Keycloak before 9.0.2, where every Authorization URL that points to an IDP server lacks proper input validation as it allows a wide range of characters. This flaw allows a malicious to craft deep links that introduce further attack scenarios on affected clients. Se encontró una vulnerabilidad en Keycloak versiones anteriores a 9.0.2, donde cada URL de autorización que apunta a un servidor IDP que carece de una comprobación de entrada inapropiada, ya que permite una amplia gama de caracteres. Este fallo permite a un malicioso diseñar enlaces profundos que introducen escenarios de ataque adicionales en los clientes afectados A flaw was found in Keycloak, where every Authorization URL that points to an IDP server lacks proper input validation as it allows a wide range of characters. This flaw allows a malicious to craft deep links that introduce further attack scenarios on affected clients. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1727 https://access.redhat.com/security/cve/CVE-2020-1727 https://bugzilla.redhat.com/show_bug.cgi?id=1800573 • CWE-20: Improper Input Validation •
CVE-2020-1714 – keycloak: Lack of checks in ObjectInputStream leading to Remote Code Execution
https://notcve.org/view.php?id=CVE-2020-1714
A flaw was found in Keycloak before version 11.0.0, where the code base contains usages of ObjectInputStream without type checks. This flaw allows an attacker to inject arbitrarily serialized Java Objects, which would then get deserialized in a privileged context and potentially lead to remote code execution. Se detectó un fallo en Keycloak versiones anteriores a 11.0.0, donde la base de código contiene usos de la función ObjectInputStream sin ningún tipo de comprobaciones. Este fallo permite a un atacante inyectar Objetos Java serializados arbitrariamente, que luego se deserializarán en un contexto privilegiado y conlleva potencialmente a una ejecución de código remota. A flaw was found in Keycloak, where the code base contains usages of ObjectInputStream without type checks. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1714 https://github.com/keycloak/keycloak/pull/7053 https://access.redhat.com/security/cve/CVE-2020-1714 https://bugzilla.redhat.com/show_bug.cgi?id=1705975 • CWE-20: Improper Input Validation •
CVE-2020-1758 – keycloak: improper verification of certificate with host mismatch could result in information disclosure
https://notcve.org/view.php?id=CVE-2020-1758
A flaw was found in Keycloak in versions before 10.0.0, where it does not perform the TLS hostname verification while sending emails using the SMTP server. This flaw allows an attacker to perform a man-in-the-middle (MITM) attack. Se encontró un fallo en Keycloak en versiones anteriores a 10.0.0, donde no se lleva a cabo una verificación del nombre de host TLS mientras se envía correos electrónicos utilizando el servidor SMTP. Este fallo permite a un atacante llevar a cabo un ataque de tipo man-in-the-middle (MITM). A flaw was found in Keycloak, where it does not perform the TLS hostname verification while sending emails using the SMTP server. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1758 https://issues.redhat.com/browse/KEYCLOAK-13285 https://access.redhat.com/security/cve/CVE-2020-1758 https://bugzilla.redhat.com/show_bug.cgi?id=1812514 • CWE-295: Improper Certificate Validation CWE-297: Improper Validation of Certificate with Host Mismatch •