CVE-2019-10201
keycloak: SAML broker does not check existence of signature on document allowing any user impersonation
Severity Score: -
Exploit Likelihood: -
Affected Versions: -
Public Exploits: 0
Exploited in Wild: -
Decision: -
Descriptions
It was found that Keycloak's SAML broker, versions up to 6.0.1, did not check that an expected message signature was actually present. If an attacker modifies the SAML Response and removes the <Signature> sections, the message is still accepted, so its contents can be altered freely. An attacker could use this flaw to impersonate other users and gain access to sensitive information.
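The failure mode in the description, as an added Python example that is not Keycloak's code: a toy SAML broker that verifies a signature only when one happens to be present, beside a hardened version that treats a missing <Signature> as a rejection. To run offline, XML-DSig is replaced by an HMAC over a deterministic serialization of the Assertion (constructed key, constructed responses); `build_response`, `canonical`, `toy_sign`, `broker_login_vulnerable` and `broker_login_fixed` are names introduced here, not Keycloak APIs.

```python
import hashlib
import hmac
from xml.etree import ElementTree as ET

# SAML 2.0 and XML-DSig namespaces (real URIs).
NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}

# Constructed key shared by the toy IdP and broker; stands in for the IdP's
# signing certificate (assumption: HMAC replaces real XML-DSig in this example).
IDP_KEY = b"constructed-idp-signing-key"


def canonical(elem: ET.Element) -> str:
    """Deterministic serialization used in place of XML C14N: tag, text,
    sorted attributes, then children, so the namespace prefix does not matter."""
    parts = [elem.tag, (elem.text or "").strip()]
    parts += [f"{k}={v}" for k, v in sorted(elem.attrib.items())]
    parts += [canonical(child) for child in elem]
    return "|".join(parts)


def toy_sign(assertion_elem: ET.Element) -> str:
    """Toy signature: HMAC-SHA256 over the canonical form of the Assertion."""
    return hmac.new(IDP_KEY, canonical(assertion_elem).encode(), hashlib.sha256).hexdigest()


def build_response(name_id: str, signed: bool) -> bytes:
    """Constructed SAML Response carrying one Assertion for name_id; the
    ds:Signature element is included only when signed=True."""
    assertion_xml = (
        f'<saml:Assertion xmlns:saml="{NS["saml"]}">'
        f"<saml:Subject><saml:NameID>{name_id}</saml:NameID></saml:Subject>"
        "</saml:Assertion>"
    )
    signature_xml = ""
    if signed:
        value = toy_sign(ET.fromstring(assertion_xml))
        signature_xml = (
            f'<ds:Signature xmlns:ds="{NS["ds"]}">'
            f"<ds:SignatureValue>{value}</ds:SignatureValue></ds:Signature>"
        )
    return (
        f'<samlp:Response xmlns:samlp="{NS["samlp"]}">'
        f"{signature_xml}{assertion_xml}</samlp:Response>"
    ).encode()


def verify_signature(sig_elem: ET.Element, assertion_elem: ET.Element) -> bool:
    """Recompute the toy signature over the received Assertion and compare."""
    received = sig_elem.findtext("ds:SignatureValue", default="", namespaces=NS)
    return hmac.compare_digest(received, toy_sign(assertion_elem))


def broker_login_vulnerable(response_xml: bytes):
    """Pattern behind CVE-2019-10201: the signature is checked only if present,
    so a Response with its <Signature> stripped is accepted unchanged."""
    root = ET.fromstring(response_xml)
    assertion = root.find("saml:Assertion", NS)
    sig = root.find("ds:Signature", NS)
    if assertion is None:
        return None
    if sig is not None and not verify_signature(sig, assertion):
        return None
    # A missing signature falls through to here and the unauthenticated NameID is trusted.
    return assertion.findtext("saml:Subject/saml:NameID", namespaces=NS)


def broker_login_fixed(response_xml: bytes):
    """Hardened check: absence of the expected signature is a rejection."""
    root = ET.fromstring(response_xml)
    assertion = root.find("saml:Assertion", NS)
    sig = root.find("ds:Signature", NS)
    if assertion is None or sig is None:
        return None
    if not verify_signature(sig, assertion):
        return None
    return assertion.findtext("saml:Subject/saml:NameID", namespaces=NS)


if __name__ == "__main__":
    signed = build_response("alice", signed=True)
    stripped = build_response("admin", signed=False)   # constructed: no Signature at all
    tampered = signed.replace(b"alice", b"mallory")    # signed, but NameID edited afterwards
    for label, resp in [("signed", signed), ("stripped", stripped), ("tampered", tampered)]:
        print(label, broker_login_vulnerable(resp), broker_login_fixed(resp))
```

The tampered case shows that signature verification on its own is sound in both versions; the defect is purely the policy decision on absence. A real broker must also apply that policy to a Signature placed on the Assertion rather than on the Response, and should log a rejected unsigned message as a security event rather than a parse error, since the page's timeline records no in-the-wild exploitation signal to fall back on.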
CVSS Scores
SSVC
- Decision: -
Timeline
- 2019-03-27 CVE Reserved
- 2019-08-14 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
- CWE-347: Improper Verification of Cryptographic Signature
- CWE-592: DEPRECATED: Authentication Bypass Issues
CAPEC
References (3)
URL | Date | Source
---|---|---
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10201 | 2020-10-02 |
https://access.redhat.com/security/cve/CVE-2019-10201 | 2020-06-04 |
https://bugzilla.redhat.com/show_bug.cgi?id=1728609 | 2020-06-04 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Redhat | Keycloak | <= 6.0.1 | - | Affected
Redhat | Single Sign-on | 7.0 | - | Affected
Redhat | Single Sign-on | 7.3.3 | - | Affected