Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatcveRedhat.comRH:CVE-2024-8698
HistorySep 19, 2024 - 3:45 p.m.

CVE-2024-8698

2024-09-1915:45:17
redhat.com
access.redhat.com
saml signature
keycloak
xmlsignatureutil
crafted responses
privilege escalation
impersonation
validation
mitigation
red hat product security

CVSS3

7.7

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L

AI Score

6.8

Confidence

Low

JSON

A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.

Mitigation

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Related

github 1
nvd 1
cvelist 1
vulnrichment 1
cve 1
osv 1
redhat 9
nessus 3
github
github
Keycloak SAML signature validation flaw
2024-09-19 18:30:52
nvd
nvd
CVE-2024-8698
2024-09-19 16:15:06
cvelist
cvelist
CVE-2024-8698 Keycloak-saml-core: improper verification of saml responses leading to privilege escalation in keycloak
2024-09-19 15:48:18
vulnrichment
vulnrichment
CVE-2024-8698 Keycloak-saml-core: improper verification of saml responses leading to privilege escalation in keycloak
2024-09-19 15:48:18
cve
cve
CVE-2024-8698
2024-09-19 16:15:06
osv
osv
Keycloak SAML signature validation flaw
2024-09-19 18:30:52
redhat
redhat
(RHSA-2024:6888) Important: Red Hat build of Keycloak 22.0.13 Update
2024-09-19 17:01:24
(RHSA-2024:6878) Important: Red Hat Single Sign-On 7.6.11 security update on RHEL 7
2024-09-19 16:39:19
(RHSA-2024:6879) Important: Red Hat Single Sign-On 7.6.11 security update on RHEL 8
2024-09-19 16:39:24
nessus
nessus
RHEL 8 : Red Hat Single Sign-On 7.6.11 security update on RHEL 8 (Important) (RHSA-2024:6879)
2024-09-19 00:00:00
RHEL 9 : Red Hat Single Sign-On 7.6.11 security update on RHEL 9 (Important) (RHSA-2024:6880)
2024-09-19 00:00:00
RHEL 7 : Red Hat Single Sign-On 7.6.11 security update on RHEL 7 (Important) (RHSA-2024:6878)
2024-09-19 00:00:00

CVSS3

7.7

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L

AI Score

6.8

Confidence

Low

JSON
Related for RH:CVE-2024-8698
github1nvd1cvelist1vulnrichment1cve1osv1redhat9nessus3