Veracode Vulnerability DatabaseVERACODE:46381Server Side Request Forgery
7.3 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.1 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
26.5%
org.wildfly.security:wildfly-elytron-realm-token is vulnerable to Server Side Request Forgery. The vulnerability is due to JwtValidator.resolvePublicKey not performing any whitelisting or filtering on the destination URL address during the process of checking jku and sending an HTTP request.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wildfly elytron - realm token | le | 2.4.0.CR1 | |
| wildfly elytron - realm token | le | 2.4.0.CR1 |
References
access.redhat.com/errata/RHSA-2024:3559
access.redhat.com/errata/RHSA-2024:3560
access.redhat.com/errata/RHSA-2024:3561
access.redhat.com/errata/RHSA-2024:3563
access.redhat.com/errata/RHSA-2024:3580
access.redhat.com/errata/RHSA-2024:3581
access.redhat.com/errata/RHSA-2024:3583
access.redhat.com/security/cve/CVE-2024-1233
bugzilla.redhat.com/show_bug.cgi?id=2262849
github.com/advisories/GHSA-v4mm-q8fv-r2w5
github.com/wildfly-security/wildfly-elytron/commit/d9c0e1fae3dbd10cf8dcad53abd5c9872e17eb9c
github.com/wildfly/wildfly/pull/17812/commits/0c02350bc0d84287bed46e7c32f90b36e50d3523
issues.redhat.com/browse/WFLY-19226
Related
7.3 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
7.1 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
26.5%