Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
githubGitHub Advisory DatabaseGHSA-4XX7-2CX3-X473
HistorySep 19, 2024 - 6:30 p.m.

Keycloak SAML signature validation flaw

2024-09-1918:30:52
CWE-347
GitHub Advisory Database
github.com
1
keycloak
saml
signature validation
xmlsignatureutil
flaw
xml
document
assertions
crafted responses
privilege escalation
impersonation attacks

CVSS3

7.7

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

40.0%

JSON

A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.

Affected configurations

Vulners
Node
org.keycloakkeycloak-saml-coreRange<25.0.6
VendorProductVersionCPE
org.keycloakkeycloak-saml-core*cpe:2.3:a:org.keycloak:keycloak-saml-core:*:*:*:*:*:*:*:*

Related

redhatcve 1
nvd 1
cvelist 1
vulnrichment 1
cve 1
osv 1
redhat 9
nessus 3
redhatcve
redhatcve
CVE-2024-8698
2024-09-19 15:45:17
nvd
nvd
CVE-2024-8698
2024-09-19 16:15:06
cvelist
cvelist
CVE-2024-8698 Keycloak-saml-core: improper verification of saml responses leading to privilege escalation in keycloak
2024-09-19 15:48:18
vulnrichment
vulnrichment
CVE-2024-8698 Keycloak-saml-core: improper verification of saml responses leading to privilege escalation in keycloak
2024-09-19 15:48:18
cve
cve
CVE-2024-8698
2024-09-19 16:15:06
osv
osv
Keycloak SAML signature validation flaw
2024-09-19 18:30:52
redhat
redhat
(RHSA-2024:6889) Important: Red Hat build of Keycloak 24.0.8 Images Update
2024-09-19 17:05:11
(RHSA-2024:6887) Important: Red Hat build of Keycloak 22.0.13 Images Update
2024-09-19 17:01:19
(RHSA-2024:6888) Important: Red Hat build of Keycloak 22.0.13 Update
2024-09-19 17:01:24
nessus
nessus
RHEL 8 : Red Hat Single Sign-On 7.6.11 security update on RHEL 8 (Important) (RHSA-2024:6879)
2024-09-19 00:00:00
RHEL 9 : Red Hat Single Sign-On 7.6.11 security update on RHEL 9 (Important) (RHSA-2024:6880)
2024-09-19 00:00:00
RHEL 7 : Red Hat Single Sign-On 7.6.11 security update on RHEL 7 (Important) (RHSA-2024:6878)
2024-09-19 00:00:00

CVSS3

7.7

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

40.0%

JSON
Related for GHSA-4XX7-2CX3-X473
redhatcve1nvd1cvelist1vulnrichment1cve1osv1redhat9nessus3