CVE-2020-10770

Keycloak 12.0.1 - 'request_uri ' Blind Server-Side Request Forgery (SSRF) (Unauthenticated)

Severity Score

5.3

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A flaw was found in Keycloak before 13.0.0, where it is possible to force the server to call out an unverified URL using the OIDC parameter request_uri. This flaw allows an attacker to use this parameter to execute a Server-side request forgery (SSRF) attack.

Se encontró un fallo en Keycloak versiones anteriores a 13.0.0, donde es posible forzar al servidor a llamar a una URL no verificada usando el parámetro OIDC request_uri. Este fallo permite a un atacante usar este parámetro para ejecutar un ataque de tipo Server-side request forgery (SSRF)

A flaw was found in Keycloak, where it is possible to force the server to call out an unverified URL using the OIDC parameter request_uri. This flaw allows an attacker to use this parameter to execute a Server-side request forgery (SSRF) attack.

Keycloak version 12.0.1 suffers from a blind server-side request forgery vulnerability.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

None

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

None

Availability

Low

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2020-03-20 CVE Reserved
2020-12-15 CVE Published
2021-10-13 First Exploit
2024-08-04 CVE Updated
2024-09-01 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-918: Server-Side Request Forgery (SSRF)

CAPEC

References (5)

URL	Tag	Source

URL	Date	SRC
https://www.exploit-db.com/exploits/50405	2021-10-13
https://github.com/ColdFusionX/Keycloak-12.0.1-CVE-2020-10770	2022-07-11
http://packetstormsecurity.com/files/164499/Keycloak-12.0.1-Server-Side-Request-Forgery.html	2024-08-04

URL	Date	SRC

URL	Date	SRC
https://bugzilla.redhat.com/show_bug.cgi?id=1846270	2021-02-01
https://access.redhat.com/security/cve/CVE-2020-10770	2021-02-01

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Redhat Search vendor "Redhat"		Keycloak Search vendor "Redhat" for product "Keycloak"				< 12.0.2 Search vendor "Redhat" for product "Keycloak" and version " < 12.0.2"		-		Affected