75 results (0.009 seconds)

CVSS: 7.1EPSS: 0%CPEs: 17EXPL: 0

CVE-2023-6291 – Keycloak: redirect_uri validation bypass

https://notcve.org/view.php?id=CVE-2023-6291

A flaw was found in the redirect_uri validation logic in Keycloak. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to an access token being stolen, making it possible for the attacker to impersonate other users. Se encontró un fallo en la lógica de validación de redirect_uri en Keycloak. Este problema puede permitir la omisión de hosts permitidos explícitamente. • https://access.redhat.com/errata/RHSA-2023:7854 https://access.redhat.com/errata/RHSA-2023:7855 https://access.redhat.com/errata/RHSA-2023:7856 https://access.redhat.com/errata/RHSA-2023:7857 https://access.redhat.com/errata/RHSA-2023:7858 https://access.redhat.com/errata/RHSA-2023:7860 https://access.redhat.com/errata/RHSA-2023:7861 https://access.redhat.com/errata/RHSA-2024:0798 https://access.redhat.com/errata/RHSA-2024:0799 https://access.redhat.com/errata/RHSA • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVSS: 5.4EPSS: 0%CPEs: 15EXPL: 1

CVE-2023-6134 – Keycloak: reflected xss via wildcard in oidc redirect_uri

https://notcve.org/view.php?id=CVE-2023-6134

A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token. This issue could allow an attacker to submit a specially crafted request leading to cross-site scripting (XSS) or further attacks. This flaw is the result of an incomplete fix for CVE-2020-10748. Se encontró una falla en Keycloak que impide ciertos esquemas en las redirecciones, pero los permite si se agrega un comodín al token. Este problema podría permitir que un atacante envíe una solicitud especialmente manipulada que dé lugar a cross-site scripting (XSS) o más ataques. • https://access.redhat.com/errata/RHSA-2023:7854 https://access.redhat.com/errata/RHSA-2023:7855 https://access.redhat.com/errata/RHSA-2023:7856 https://access.redhat.com/errata/RHSA-2023:7857 https://access.redhat.com/errata/RHSA-2023:7858 https://access.redhat.com/errata/RHSA-2023:7860 https://access.redhat.com/errata/RHSA-2023:7861 https://access.redhat.com/errata/RHSA-2024:0798 https://access.redhat.com/errata/RHSA-2024:0799 https://access.redhat.com/errata/RHSA • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.7EPSS: 0%CPEs: 15EXPL: 1

CVE-2023-6563 – Keycloak: offline session token dos

https://notcve.org/view.php?id=CVE-2023-6563

An unconstrained memory consumption vulnerability was discovered in Keycloak. It can be triggered in environments which have millions of offline tokens (> 500,000 users with each having at least 2 saved sessions). If an attacker creates two or more user sessions and then open the "consents" tab of the admin User Interface, the UI attempts to load a huge number of offline client sessions leading to excessive memory and CPU consumption which could potentially crash the entire system. Se descubrió una vulnerabilidad de consumo de memoria sin restricciones en Keycloak. Se puede activar en entornos que tienen millones de tokens fuera de línea (> 500.000 usuarios, cada uno con al menos 2 sesiones guardadas). • https://access.redhat.com/errata/RHSA-2023:7854 https://access.redhat.com/errata/RHSA-2023:7855 https://access.redhat.com/errata/RHSA-2023:7856 https://access.redhat.com/errata/RHSA-2023:7857 https://access.redhat.com/errata/RHSA-2023:7858 https://access.redhat.com/security/cve/CVE-2023-6563 https://bugzilla.redhat.com/show_bug.cgi?id=2253308 https://github.com/keycloak/keycloak/issues/13340 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-4918 – Plaintext storage of user password

https://notcve.org/view.php?id=CVE-2023-4918

A flaw was found in the Keycloak package, more specifically org.keycloak.userprofile. When a user registers itself through registration flow, the "password" and "password-confirm" field from the form will occur as regular user attributes. All users and clients with proper rights and roles are able to read users attributes, allowing a malicious user with minimal access to retrieve the users passwords in clear text, jeopardizing their environment. Se encontró una falla en el paquete Keycloak, más específicamente en org.keycloak.userprofile. Cuando un usuario se registra a través del flujo de registro, los campos "contraseña" y "confirmación de contraseña" del formulario aparecerán como atributos de usuario normales. • https://access.redhat.com/security/cve/CVE-2023-4918 https://bugzilla.redhat.com/show_bug.cgi?id=2238588 https://github.com/keycloak/keycloak/security/advisories/GHSA-5q66-v53q-pm35 • CWE-256: Plaintext Storage of a Password CWE-319: Cleartext Transmission of Sensitive Information •

CVSS: 5.0EPSS: 0%CPEs: 14EXPL: 1

CVE-2023-0264 – keycloak: user impersonation via stolen uuid code

https://notcve.org/view.php?id=CVE-2023-0264

A flaw was found in Keycloaks OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, integrity, and availability. Se ha encontrado un fallo en la autenticación de usuarios en OpenID Connect de Keycloak, que podría autenticar incorrectamente las solicitudes. Un atacante autenticado que pudiera obtener información de una solicitud de usuario dentro del mismo entorno, podría utilizar esos datos para hacerse pasar por la víctima y generar nuevos tokens de sesión. • https://github.com/twwd/CVE-2023-0264 https://access.redhat.com/security/cve/CVE-2023-0264 https://bugzilla.redhat.com/show_bug.cgi?id=2160585 • CWE-287: Improper Authentication CWE-303: Incorrect Implementation of Authentication Algorithm •