Single Sign-on Security Vulnerabilities and Issues — Page 2 of Single Sign-on CVE List

Lucene search

RedhatSingle Sign-on

98 matches found

CVE•added 2022/04/26 7:15 p.m.•143 views

CVE-2022-1466

Due to improper authorization, Red Hat Single Sign-On is vulnerable to users performing actions that they should not be allowed to perform. It was possible to add users to the master realm even though no respective permission was granted.

6.5CVSS6.2AI score0.00255EPSS

CVE•added 2020/05/13 7:15 p.m.•139 views

CVE-2020-1714

A flaw was found in Keycloak before version 11.0.0, where the code base contains usages of ObjectInputStream without type checks. This flaw allows an attacker to inject arbitrarily serialized Java Objects, which would then get deserialized in a privileged context and potentially lead to remote code...

8.8CVSS8.5AI score0.02152EPSS

CVE•added 2023/02/23 8:15 p.m.•138 views

CVE-2022-4492

The undertow client is not checking the server identity presented by the server certificate in https connections. This is a compulsory step (at least it should be performed by default) in https and in http/2. I would add it to any TLS client protocol.

7.5CVSS7.3AI score0.00124EPSS

CVE•added 2023/10/04 11:15 a.m.•138 views

CVE-2023-2422

A flaw was found in Keycloak. A Keycloak server configured to support mTLS authentication for OAuth/OpenID clients does not properly verify the client certificate chain. A client that possesses a proper certificate can authorize itself as any other client, therefore, access data that belongs to oth...

7.1CVSS6.5AI score0.00217EPSS

CVE•added 2020/07/24 4:15 p.m.•136 views

CVE-2020-14307

A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft...

6.5CVSS6.1AI score0.00415EPSS

CVE•added 2020/11/02 9:15 p.m.•134 views

CVE-2020-25689

A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tries to reconnect in a loop, generating new connections which are not properly closed while not able to connect to domain-controller. This flaw allows an attacker to cause an Out of memory (OOM) issue...

6.8CVSS6.1AI score0.00392EPSS

CVE•added 2022/08/31 4:15 p.m.•131 views

CVE-2022-1259

A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server. This flaw exists because of an incomplete fix for CVE-2021-3629.

7.5CVSS6.3AI score0.00156EPSS

CVE•added 2023/07/07 8:15 p.m.•131 views

CVE-2022-4361

Keycloak, an open-source identity and access management solution, has a cross-site scripting (XSS) vulnerability in the SAML or OIDC providers. The vulnerability can allow an attacker to execute malicious scripts by setting the AssertionConsumerServiceURL value or the redirect_uri.

10CVSS5.7AI score0.00311EPSS

CVE•added 2019/06/12 2:29 p.m.•130 views

CVE-2019-3875

A vulnerability was found in keycloak before 6.0.2. The X.509 authenticator supports the verification of client certificates through the CRL, where the CRL list can be obtained from the URL provided in the certificate itself (CDP) or through the separately configured path. The CRL are often availab...

6.5CVSS5AI score0.00047EPSS

CVE•added 2019/10/14 3:15 p.m.•129 views

CVE-2019-14838

A flaw was found in wildfly-core before 7.2.5.GA. The Management users with Monitor, Auditor and Deployer Roles should not be allowed to modify the runtime state of the server

5.2CVSS5AI score0.00402EPSS

CVE•added 2023/03/27 10:15 p.m.•128 views

CVE-2022-2237

A flaw was found in the Keycloak Node.js Adapter. This flaw allows an attacker to benefit from an Open Redirect vulnerability in the checkSso function.

6.1CVSS6AI score0.00085EPSS

CVE•added 2020/02/10 3:15 p.m.•125 views

CVE-2020-1697

It was found in all keycloak versions before 9.0.0 that links to external applications (Application Links) in the admin console are not validated properly and could allow Stored XSS attacks. An authed malicious user could create URLs to trick users in other realms, and possibly conduct further atta...

6.1CVSS5AI score0.00283EPSS

CVE•added 2022/03/11 6:15 p.m.•125 views

CVE-2022-0853

A flaw was found in JBoss-client. The vulnerability occurs due to a memory leak on the JBoss client-side, when using UserTransaction repeatedly and leads to information leakage vulnerability.

7.5CVSS7.1AI score0.01364EPSS

CVE•added 2022/08/26 6:15 p.m.•124 views

CVE-2022-0225

A flaw was found in Keycloak. This flaw allows a privileged attacker to use the malicious payload as the group name while creating a new group from the admin console, leading to a stored Cross-site scripting (XSS) attack.

5.4CVSS4.9AI score0.00348EPSS

CVE•added 2023/05/26 6:15 p.m.•121 views

CVE-2023-1664

A flaw was found in Keycloak. This flaw depends on a non-default configuration "Revalidate Client Certificate" to be enabled and the reverse proxy is not validating the certificate before Keycloak. Using this method an attacker may choose the certificate which will be validated by the server. If th...

6.5CVSS6.1AI score0.00238EPSS

CVE•added 2019/11/25 11:15 a.m.•120 views

CVE-2019-10174

A vulnerability was found in Infinispan such that the invokeAccessibly method from the public class ReflectionUtil allows any application class to invoke private methods in any class with Infinispan's privileges. The attacker can use reflection to introduce new, malicious behavior into the applicat...

8.8CVSS8.3AI score0.01073EPSS

CVE•added 2020/01/08 3:15 p.m.•116 views

CVE-2019-14820

It was found that keycloak before version 8.0.0 exposes internal adapter endpoints in org.keycloak.constants.AdapterConstants, which can be invoked via a specially-crafted URL. This vulnerability could allow an attacker to access unauthorized information.

4.3CVSS4.4AI score0.0031EPSS

CVE•added 2021/07/09 11:15 a.m.•116 views

CVE-2021-3637

A flaw was found in keycloak-model-infinispan in keycloak versions before 14.0.0 where authenticationSessions map in RootAuthenticationSessionEntity grows boundlessly which could lead to a DoS attack.

7.5CVSS7.1AI score0.00409EPSS

CVE•added 2022/09/13 2:15 p.m.•116 views

CVE-2022-1278

A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain.

7.5CVSS7.3AI score0.00761EPSS

CVE•added 2020/05/11 9:15 p.m.•114 views

CVE-2020-1724

A flaw was found in Keycloak in versions before 9.0.2. This flaw allows a malicious user that is currently logged in, to see the personal information of a previously logged out user in the account manager section.

4.3CVSS4AI score0.00232EPSS

CVE•added 2020/09/16 6:15 p.m.•113 views

CVE-2020-10748

A flaw was found in Keycloak's data filter, in version 10.0.1, where it allowed the processing of data URLs in some circumstances. This flaw allows an attacker to conduct cross-site scripting or further attacks.

6.1CVSS5.3AI score0.00391EPSS

CVE•added 2020/03/16 3:15 p.m.•111 views

CVE-2019-14887

A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption. Thi...

9.1CVSS8.7AI score0.00177EPSS

CVE•added 2019/06/12 2:29 p.m.•110 views

CVE-2019-3873

It was found that Picketlink as shipped with Jboss Enterprise Application Platform 7.2 would accept an xinclude parameter in SAMLresponse XML. An attacker could use this flaw to send a URL to achieve cross-site scripting or possibly conduct further attacks.

9CVSS8.6AI score0.00506EPSS

CVE•added 2021/02/11 6:15 p.m.•110 views

CVE-2020-1717

A flaw was found in Keycloak 7.0.1. A logged in user can do an account email enumeration attack.

4CVSS3.6AI score0.00183EPSS

CVE•added 2020/01/07 5:15 p.m.•109 views

CVE-2019-14837

A flaw was found in keycloack before version 8.0.0. The owner of 'placeholder.org' domain can setup mail server on this domain and knowing only name of a client can reset password and then log in. For example, for client name 'test' the email address will be '[email protected]'.

9.1CVSS9AI score0.01008EPSS

CVE•added 2022/09/01 9:15 p.m.•109 views

CVE-2022-2256

A Stored Cross-site scripting (XSS) vulnerability was found in keycloak as shipped in Red Hat Single Sign-On 7. This flaw allows a privileged attacker to execute malicious scripts in the admin console, abusing the default roles functionality.

3.8CVSS4AI score0.00308EPSS

CVE•added 2019/06/12 2:29 p.m.•108 views

CVE-2019-3872

It was found that a SAMLRequest containing a script could be processed by Picketlink versions shipped in Jboss Application Platform 7.2.x and 7.1.x. An attacker could use this to send a malicious script to achieve cross-site scripting and obtain unauthorized information or conduct further attacks.

5.4CVSS5.2AI score0.00234EPSS

CVE•added 2019/08/14 5:15 p.m.•106 views

CVE-2019-10201

It was found that Keycloak's SAML broker, versions up to 6.0.1, did not verify missing message signatures. If an attacker modifies the SAML Response and removes the <Signature> sections, the message is still accepted, and the message can be modified. An attacker could use this flaw to imperso...

8.1CVSS7.9AI score0.00143EPSS

CVE•added 2022/08/05 5:15 p.m.•106 views

CVE-2022-2668

An issue was discovered in Keycloak that allows arbitrary Javascript to be uploaded for the SAML protocol mapper even if the UPLOAD_SCRIPTS feature is disabled

7.2CVSS6.7AI score0.00235EPSS

CVE•added 2019/03/27 1:29 p.m.•103 views

CVE-2018-10934

A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions before 7.1.6.CR1, 7.1.6.GA. Users with roles that can create objects in the application can exploit this to attack other privileged users.

5.4CVSS5.5AI score0.00439EPSS

CVE•added 2020/09/16 4:15 p.m.•101 views

CVE-2020-10758

A vulnerability was found in Keycloak before 11.0.1 where DoS attack is possible by sending twenty requests simultaneously to the specified keycloak server, all with a Content-Length header value that exceeds the actual byte count of the request body.

7.5CVSS7.2AI score0.00529EPSS

CVE•added 2021/06/01 7:15 p.m.•100 views

CVE-2021-3424

A flaw was found in keycloak as shipped in Red Hat Single Sign-On 7.4 where IDN homograph attacks are possible. A malicious user can register himself with a name already registered and trick admin to grant him extra privileges.

5.3CVSS5.2AI score0.00164EPSS

CVE•added 2022/08/26 4:15 p.m.•93 views

CVE-2021-3754

A flaw was found in keycloak where an attacker is able to register himself with the username same as the email ID of any existing user. This may cause trouble in getting password recovery email in case the user forgets the password.

5.3CVSS5.1AI score0.04922EPSS

CVE•added 2019/06/12 2:29 p.m.•92 views

CVE-2019-10157

It was found that Keycloak's Node.js adapter before version 4.8.3 did not properly verify the web token received from the server in its backchannel logout . An attacker with local access could use this to construct a malicious web token setting an NBF parameter that could prevent user access indefi...

5.5CVSS5.1AI score0.00019EPSS

CVE•added 2021/03/09 6:15 p.m.•92 views

CVE-2021-20262

A flaw was found in Keycloak 12.0.0 where re-authentication does not occur while updating the password. This flaw allows an attacker to take over an account if they can obtain temporary, physical access to a user’s browser. The highest threat from this vulnerability is to confidentiality, integrity...

6.8CVSS6.2AI score0.00044EPSS

CVE•added 2022/08/26 4:15 p.m.•91 views

CVE-2021-3632

A flaw was found in Keycloak. This vulnerability allows anyone to register a new security device or key when there is not a device already registered for any user by using the WebAuthn password-less login flow.

7.5CVSS7.2AI score0.00135EPSS

CVE•added 2022/04/01 11:15 p.m.•85 views

CVE-2021-3461

A flaw was found in keycloak where keycloak may fail to logout user session if the logout request comes from external SAML identity provider and Principal Type is set to Attribute [Name].

7.1CVSS6.6AI score0.00052EPSS

CVE•added 2024/09/03 8:15 p.m.•83 views

CVE-2024-4629

A vulnerability was found in Keycloak. This flaw allows attackers to bypass brute force protection by exploiting the timing of login attempts. By initiating multiple login requests simultaneously, attackers can exceed the configured limits for failed attempts before the system locks them out. This ...

6.5CVSS6.6AI score0.00166EPSS

CVE•added 2018/07/23 10:29 p.m.•78 views

CVE-2018-10912

keycloak before version 4.0.0.final is vulnerable to a infinite loop in session replacement. A Keycloak cluster with multiple nodes could mishandle an expired session replacement and lead to an infinite loop. A malicious authenticated user could use this flaw to achieve Denial of Service on the ser...

4.9CVSS4.8AI score0.00474EPSS

CVE•added 2020/10/16 2:15 p.m.•78 views

CVE-2020-14299

A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode. This flaw allows an attacker to perform a complete authentication bypass by using an arbitrary user a...

6.5CVSS6.3AI score0.00096EPSS

CVE•added 2021/02/11 6:15 p.m.•77 views

CVE-2020-10734

A vulnerability was found in keycloak in the way that the OIDC logout endpoint does not have CSRF protection. Versions shipped with Red Hat Fuse 7, Red Hat Single Sign-on 7, and Red Hat Openshift Application Runtimes are believed to be vulnerable.

3.3CVSS3.9AI score0.0002EPSS

CVE•added 2021/03/08 10:15 p.m.•75 views

CVE-2020-27838

A flaw was found in keycloak in versions prior to 13.0.0. The client registration endpoint allows fetching information about PUBLIC clients (like client secret) without authentication which could be an issue if the same PUBLIC client changed to CONFIDENTIAL later. The highest threat from this vulne...

6.5CVSS6.4AI score0.89101EPSS

CVE•added 2021/05/26 10:15 p.m.•72 views

CVE-2020-10695

An insecure modification flaw in the /etc/passwd file was found in the redhat-sso-7 container. An attacker with access to the container can use this flaw to modify the /etc/passwd and escalate their privileges.

7.8CVSS7.6AI score0.00041EPSS

CVE•added 2018/08/01 5:29 p.m.•70 views

CVE-2018-10894

It was found that SAML authentication in Keycloak 3.4.3.Final incorrectly authenticated expired certificates. A malicious user could use this to access unauthorized data or possibly conduct further attacks.

5.5CVSS5.8AI score0.00054EPSS

CVE•added 2024/11/07 10:15 a.m.•66 views

CVE-2023-1932

A flaw was found in hibernate-validator's 'isValid' method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator class, which can be bypassed by omitting the tag ending in a less-than character. Browsers may render an invalid html, allowing HTML injection or Cross-Site-S...

6.1CVSS6.1AI score0.00144EPSS

CVE•added 2018/11/13 7:29 p.m.•58 views

CVE-2018-14657

A flaw was found in Keycloak 4.2.1.Final, 4.3.0.Final. When TOPT enabled, an improper implementation of the Brute Force detection algorithm will not enforce its protection measures.

8.1CVSS7.8AI score0.00387EPSS

CVE•added 2018/11/13 7:29 p.m.•56 views

CVE-2018-14655

A flaw was found in Keycloak 3.4.3.Final, 4.0.0.Beta2, 4.3.0.Final. When using 'response_mode=form_post' it is possible to inject arbitrary Javascript-Code via the 'state'-parameter in the authentication URL. This allows an XSS-Attack upon succesfully login.

5.4CVSS5.7AI score0.00234EPSS

CVE•added 2021/01/12 3:15 p.m.•45 views

CVE-2020-14341

The "Test Connection" available in v7.x of the Red Hat Single Sign On application console can permit an authorized user to cause SMTP connections to be attempted to arbitrary hosts and ports of the user's choosing, and originating from the RHSSO installation. By observing differences in the timings...

4CVSS4AI score0.00298EPSS

Total number of security vulnerabilities98