Lucene search

K

RedhatVULNRICHMENT:CVE-2024-8883

HistorySep 19, 2024 - 3:48 p.m.

CVE-2024-8883 Keycloak: vulnerable redirect uri validation results in open redirec

2024-09-1915:48:28

CWE-601

redhat

github.com

2

keycloak misconfiguration

open redirect

session hijacking

cve-2024-8883

CVSS3

6.8

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

AI Score

6.7

Confidence

Low

EPSS

0.005

Percentile

76.5%

SSVC

Exploitation

none

Automatable

no

Technical Impact

total

A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a ‘Valid Redirect URI’ is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.

References

access.redhat.com/errata/RHSA-2024:6878

access.redhat.com/errata/RHSA-2024:6879

access.redhat.com/errata/RHSA-2024:6880

access.redhat.com/errata/RHSA-2024:6882

access.redhat.com/errata/RHSA-2024:6886

access.redhat.com/errata/RHSA-2024:6887

access.redhat.com/errata/RHSA-2024:6888

access.redhat.com/errata/RHSA-2024:6889

access.redhat.com/errata/RHSA-2024:6890

access.redhat.com/security/cve/CVE-2024-8883

bugzilla.redhat.com/show_bug.cgi?id=2312511

github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java

CVSS3

6.8

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

AI Score

6.7

Confidence

Low

EPSS

0.005

Percentile

76.5%

SSVC

Exploitation

none

Automatable

no

Technical Impact

total

Related for VULNRICHMENT:CVE-2024-8883

osv1 github1 cve1 wolfi1 cvelist1 nvd1 redhatcve1 nessus3 redhat9