CVE-2024-8883
Keycloak: vulnerable redirect uri validation results in open redirec
Severity Score
6.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track*
*SSVC
Descriptions
A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.
*Credits:
Red Hat would like to thank Karsten Meyer zu Selhausen and Niklas Conrad for reporting this issue.
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track*
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2024-09-16 CVE Reserved
- 2024-09-19 CVE Published
- 2024-12-17 EPSS Updated
- 2024-12-24 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CAPEC
References (17)
| URL | Tag | Source |
|---|---|---|
| https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2024-8883 | 2024-09-19 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2312511 | 2024-09-19 | |
| https://access.redhat.com/errata/RHSA-2024:10385 | 2024-12-24 | |
| https://access.redhat.com/errata/RHSA-2024:10386 | 2024-12-24 | |
| https://access.redhat.com/errata/RHSA-2024:6878 | 2024-12-24 | |
| https://access.redhat.com/errata/RHSA-2024:6879 | 2024-12-24 | |
| https://access.redhat.com/errata/RHSA-2024:6880 | 2024-12-24 | |
| https://access.redhat.com/errata/RHSA-2024:6882 | 2024-12-24 | |
| https://access.redhat.com/errata/RHSA-2024:6886 | 2024-12-24 | |
| https://access.redhat.com/errata/RHSA-2024:6887 | 2024-12-24 | |
| https://access.redhat.com/errata/RHSA-2024:6888 | 2024-12-24 | |
| https://access.redhat.com/errata/RHSA-2024:6889 | 2024-12-24 | |
| https://access.redhat.com/errata/RHSA-2024:6890 | 2024-12-24 | |
| https://access.redhat.com/errata/RHSA-2024:8823 | 2024-12-24 | |
| https://access.redhat.com/errata/RHSA-2024:8824 | 2024-12-24 | |
| https://access.redhat.com/errata/RHSA-2024:8826 | 2024-12-24 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Redhat Search vendor "Redhat" | Build Keycloak Search vendor "Redhat" for product "Build Keycloak" | * | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Build Of Keycloak Search vendor "Redhat" for product "Build Of Keycloak" | * | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Jboss Enterprise Application Platform Search vendor "Redhat" for product "Jboss Enterprise Application Platform" | * | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Openshift Container Platform Search vendor "Redhat" for product "Openshift Container Platform" | * | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Openshift Container Platform For Ibm Z Search vendor "Redhat" for product "Openshift Container Platform For Ibm Z" | * | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Openshift Container Platform For Linuxone Search vendor "Redhat" for product "Openshift Container Platform For Linuxone" | * | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Openshift Container Platform For Power Search vendor "Redhat" for product "Openshift Container Platform For Power" | * | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Red Hat Single Sign On Search vendor "Redhat" for product "Red Hat Single Sign On" | * | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Rhosemc Search vendor "Redhat" for product "Rhosemc" | * | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Single Sign-on Search vendor "Redhat" for product "Single Sign-on" | * | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | * | - |
Affected
| ||||||