CVE-2020-14389 – keycloak: user can manage resources with just "view-profile" role using new Account Console
https://notcve.org/view.php?id=CVE-2020-14389
It was found that Keycloak before version 12.0.0 would permit a user with only view-profile role to manage the resources in the new account console, allowing access and modification of data the user was not intended to have. Se detectó que Keycloak versiones anteriores a 12.0.0, permitiría a un usuario que sólo tuviera una función de perfil de visualización administrar los recursos en la nueva consola de cuentas, permitiendo un acceso y una modificación de unos datos que el usuario no estaba destinado a tener A flaw was found in Keycloak, where it would permit a user with a view-profile role to manage the resources in the new account console. This flaw allows a user with a view-profile role to access and modify data for which the user does not have adequate permission. • https://access.redhat.com/security/cve/cve-2020-14389 https://bugzilla.redhat.com/show_bug.cgi?id=1875843%2C https://access.redhat.com/security/cve/CVE-2020-14389 https://bugzilla.redhat.com/show_bug.cgi?id=1875843 • CWE-916: Use of Password Hash With Insufficient Computational Effort •
CVE-2020-10758 – keycloak: DoS by sending multiple simultaneous requests with a Content-Length header value greater than actual byte count of request body
https://notcve.org/view.php?id=CVE-2020-10758
A vulnerability was found in Keycloak before 11.0.1 where DoS attack is possible by sending twenty requests simultaneously to the specified keycloak server, all with a Content-Length header value that exceeds the actual byte count of the request body. Se encontró una vulnerabilidad en Keycloak versiones anteriores a 11.0.1, donde el ataque de DoS es posible mediante el envío de veinte peticiones simultáneamente hacia el servidor de keycloak especificado, todas con un valor de encabezado Content-Length que excede el conteo de bytes real del cuerpo de la petición A flaw was found in Keycloak. This flaw allows an attacker to perform a denial of service attack by sending multiple simultaneous requests with a Content-Length header value greater than the actual byte count of the request body. The highest threat from this vulnerability is to system availability. • https://bugzilla.redhat.com/show_bug.cgi?id=1843849 https://github.com/keycloak/keycloak/commit/bee4ca89897766c4b68856eafe14f1a3dad34251 https://access.redhat.com/security/cve/CVE-2020-10758 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2020-1694 – keycloak: verify-token-audience support is missing in the NodeJS adapter
https://notcve.org/view.php?id=CVE-2020-1694
A flaw was found in all versions of Keycloak before 10.0.0, where the NodeJS adapter did not support the verify-token-audience. This flaw results in some users having access to sensitive information outside of their permissions. Se encontró un fallo en todas las versiones de Keycloak versiones anteriores a 10.0.0, donde el adaptador NodeJS no admitía la verify-token-audience. Este fallo hace que algunos usuarios tengan acceso a información confidencial fuera de sus permisos A flaw was found in Keycloak, where the NodeJS adapter did not support the verify-token-audience. This flaw results in some users having access to sensitive information outside of their permissions. • https://bugzilla.redhat.com/show_bug.cgi?id=1790759 https://access.redhat.com/security/cve/CVE-2020-1694 • CWE-183: Permissive List of Allowed Inputs CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2020-10748 – keycloak: top-level navigations to data URLs resulting in XSS are possible (incomplete fix of CVE-2020-1697)
https://notcve.org/view.php?id=CVE-2020-10748
A flaw was found in Keycloak's data filter, in version 10.0.1, where it allowed the processing of data URLs in some circumstances. This flaw allows an attacker to conduct cross-site scripting or further attacks. Se encontró un fallo en el filtro de datos de Keycloak, en versión 10.0.1, donde permitía el procesamiento de las URL de datos en algunas circunstancias. Este fallo permite a un atacante conducir ataques de tipo cross-site scripting o mas ataques A flaw was found in Keycloak's data filter, where it allowed the processing of data URLs in some circumstances. This flaw allows an attacker to conduct cross-site scripting or further attacks. • https://bugzilla.redhat.com/show_bug.cgi?id=1836786 https://access.redhat.com/security/cve/CVE-2020-10748 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-1727 – keycloak: missing input validation in IDP authorization URLs
https://notcve.org/view.php?id=CVE-2020-1727
A vulnerability was found in Keycloak before 9.0.2, where every Authorization URL that points to an IDP server lacks proper input validation as it allows a wide range of characters. This flaw allows a malicious to craft deep links that introduce further attack scenarios on affected clients. Se encontró una vulnerabilidad en Keycloak versiones anteriores a 9.0.2, donde cada URL de autorización que apunta a un servidor IDP que carece de una comprobación de entrada inapropiada, ya que permite una amplia gama de caracteres. Este fallo permite a un malicioso diseñar enlaces profundos que introducen escenarios de ataque adicionales en los clientes afectados A flaw was found in Keycloak, where every Authorization URL that points to an IDP server lacks proper input validation as it allows a wide range of characters. This flaw allows a malicious to craft deep links that introduce further attack scenarios on affected clients. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1727 https://access.redhat.com/security/cve/CVE-2020-1727 https://bugzilla.redhat.com/show_bug.cgi?id=1800573 • CWE-20: Improper Input Validation •