cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-8883,https://securityvulnerability.io/vulnerability/CVE-2024-8883,"Attackers can Redirect Users to Arbitrary URLs, Exposing Sensitive Information","A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a 'Valid Redirect URI' is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.",Red Hat,"Red Hat Build Of Keycloak,Red Hat Build Of Keycloak 22,Red Hat Build Of Keycloak 24,Red Hat Jboss Enterprise Application Platform 8,Red Hat Jboss Enterprise Application Platform 8.0 For Rhel 8,Red Hat Jboss Enterprise Application Platform 8.0 For Rhel 9,Red Hat Single Sign-on 7,Red Hat Single Sign-on 7.6 For Rhel 7,Red Hat Single Sign-on 7.6 For Rhel 8,Red Hat Single Sign-on 7.6 For Rhel 9,Rhel-8 Based Middleware Containers",6.1,MEDIUM,0.0024399999529123306,false,,false,false,false,,,false,false,,2024-09-19T15:48:28.468Z,0
CVE-2024-8698,https://securityvulnerability.io/vulnerability/CVE-2024-8698,Flaw in SAML Signature Validation Method Allows Privilege Escalation or Impersonation Attacks,"CVE-2024-8698 is a privilege escalation and impersonation vulnerability located in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The vulnerability allows attackers to create crafted responses that can bypass validation, potentially leading to privilege escalation or impersonation attacks. The impact of the exploitation can have a high impact on confidentiality, with lower impacts on integrity and availability. The vulnerability is addressed in Keycloak version 25.0.6 and organizations using Keycloak are strongly recommended to install updates as soon as possible. It is also recommended to implement updates from other vendors who rely on Keycloak for identity and access management. Upgrading to the newest version may provide safety from future exploitation, but it does not remediate historic compromise. At the time of reporting, no active exploitation of this vulnerability by ransomware groups was reported.",Red Hat,"Red Hat Build Of Keycloak,Red Hat Build Of Keycloak 22,Red Hat Build Of Keycloak 24,Red Hat Jboss Enterprise Application Platform 8,Red Hat Jboss Enterprise Application Platform 8.0 For Rhel 8,Red Hat Jboss Enterprise Application Platform 8.0 For Rhel 9,Red Hat Single Sign-on 7,Red Hat Single Sign-on 7.6 For Rhel 7,Red Hat Single Sign-on 7.6 For Rhel 8,Red Hat Single Sign-on 7.6 For Rhel 9,Rhel-8 Based Middleware Containers",7.7,HIGH,0.0007099999929778278,false,,true,false,true,2024-09-25T18:56:46.000Z,true,false,false,,2024-09-19T15:48:18.464Z,0
CVE-2024-5967,https://securityvulnerability.io/vulnerability/CVE-2024-5967,LDAP Endpoint Vulnerability Allows Credentials Leakage,"A vulnerability was found in Keycloak. The LDAP testing endpoint allows changing the Connection URL  independently without re-entering the currently configured LDAP bind credentials. This flaw allows an attacker with admin access (permission manage-realm) to change the LDAP host URL (""Connection URL"") to a machine they control. The Keycloak server will connect to the attacker's host and try to authenticate with the configured credentials, thus leaking them to the attacker. As a consequence, an attacker who has compromised the admin console or compromised a user with sufficient privileges can leak domain credentials and attack the domain.",Red Hat,"Red Hat Build Of Keycloak,Red Hat Build Of Keycloak 22,Red Hat Single Sign-on 7,Red Hat Single Sign-on 7.6 For Rhel 7,Red Hat Single Sign-on 7.6 For Rhel 8,Red Hat Single Sign-on 7.6 For Rhel 9,Rhel-8 Based Middleware Containers",2.7,LOW,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-06-18T12:05:39.289Z,0
CVE-2024-4540,https://securityvulnerability.io/vulnerability/CVE-2024-4540,Keycloak: exposure of sensitive information in pushed authorization requests (par) kc_restart cookie,"A vulnerability exists in Keycloak related to OAuth 2.0 Pushed Authorization Requests (PAR). This issue arises from client-provided parameters being transmitted in plain text within the KC_RESTART cookie included in the HTTP response of the authorization server during a `request_uri` authorization request. This situation could potentially lead to unauthorized information disclosure, allowing attackers to access sensitive data inadvertently exposed through these cookies. It's crucial for users and administrators to review their Keycloak implementations for configurations susceptible to this flaw.",Red Hat,"Red Hat Build Of Keycloak,Red Hat Build Of Keycloak 22,Red Hat Build Of Keycloak 24,Red Hat Single Sign-on 7,Red Hat Single Sign-on 7.6 For Rhel 7,Red Hat Single Sign-on 7.6 For Rhel 8,Red Hat Single Sign-on 7.6 For Rhel 9,Rhel-8 Based Middleware Containers",7.5,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-06-03T16:15:00.000Z,0
CVE-2023-6484,https://securityvulnerability.io/vulnerability/CVE-2023-6484,Keycloak: log injection during webauthn authentication or registration,A log injection flaw was found in Keycloak. A text string may be injected through the authentication form when using the WebAuthn authentication mode. This issue may have a minor impact to the logs integrity.,Red Hat,"Red Hat Build Of Keycloak 22,Red Hat Build Of Keycloak 22.0.10,Red Hat Single Sign-on 7,Red Hat Single Sign-on 7.6 For Rhel 7,Red Hat Single Sign-on 7.6 For Rhel 8,Red Hat Single Sign-on 7.6 For Rhel 9,Rhel-8 Based Middleware Containers,Rhsso 7.6.8",5.3,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-04-25T16:15:00.000Z,0
CVE-2023-3597,https://securityvulnerability.io/vulnerability/CVE-2023-3597,Keycloak Authentication Bypass Vulnerability,"A security flaw exists in Keycloak, where the system fails to accurately validate client step-up authentication processes. This creates a potential risk whereby an authenticated remote user can register a fraudulent second authentication factor alongside an existing one. Utilizing this vulnerability, attackers could bypass the intended security measures, allowing them unauthorized access to sensitive resources. Proper validation mechanisms are crucial to ensure that the authentication process functions as intended, safeguarding against unauthorized actions.",Red Hat,",Red Hat Build Of Keycloak 22,Red Hat Build Of Keycloak 22.0.10,Rhsso 7.6.8",5,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-04-25T12:20:11.606Z,0
CVE-2024-2419,https://securityvulnerability.io/vulnerability/CVE-2024-2419,Bypass of Redirect URI Validation in Keycloak May Lead to Access Token Theft,"A security flaw in Keycloak's implementation of the redirect_uri validation logic could enable attackers to bypass predefined host restrictions. This flaw allows for potential access token theft, which may lead attackers to impersonate legitimate users. The vulnerability is noteworthy due to its similarities to previous issues that were exploited, highlighting the need for immediate remediation in the affected versions of Keycloak.",Red Hat,"Upstream,Red Hat Build Of Keycloak 22",7.1,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-04-17T13:23:34.652Z,0
CVE-2024-1132,https://securityvulnerability.io/vulnerability/CVE-2024-1132,Keycloak Flaw Allows Attackers to Bypass Validation and Access Sensitive Information,"A security vulnerability has been identified in Keycloak, where improper URL validation in redirects could enable an attacker to exploit this flaw. This issue particularly affects clients that utilize wildcards in the Valid Redirect URIs field, which could allow malicious requests to bypass intended restrictions. As a result, sensitive information may be accessed without authorization, potentially leading to further attacks. User interaction is necessary to trigger this vulnerability, making it essential for users and administrators to be informed about securing their implementations of Keycloak.",Red Hat,"Migration Toolkit For Runtimes 1 On Rhel 8,Mta-6.2-rhel-9,Red Hat Build Of Keycloak 22,Red Hat Build Of Keycloak 22.0.10,Red Hat Jboss A-MQ 7,Red Hat Single Sign-on 7.6 For Rhel 7,Red Hat Single Sign-on 7.6 For Rhel 8,Red Hat Single Sign-on 7.6 For Rhel 9,Rhel-8 Based Middleware Containers,Rhsso 7.6.8,Red Hat Build Of Quarkus,Red Hat Data Grid 8,Red Hat Decision Manager 7,Red Hat Integration Service Registry,Red Hat Jboss Data Grid 7,Red Hat Jboss Enterprise Application Platform 6,Red Hat Jboss Enterprise Application Platform 7,Red Hat Jboss Fuse 7,Red Hat Process Automation 7",8.1,HIGH,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-04-17T13:21:19.130Z,0
CVE-2023-6291,https://securityvulnerability.io/vulnerability/CVE-2023-6291,Keycloak: redirect_uri validation bypass,"A flaw has been identified in the redirect_uri validation logic within Keycloak, a product developed by Red Hat. This vulnerability could potentially allow attackers to bypass explicitly allowed hosts, leading to unauthorized access. If exploited, it may enable the theft of access tokens, thereby allowing attackers to impersonate legitimate users and compromise sensitive data. Organizations using Keycloak should ensure they are aware of this issue and implement appropriate security measures to mitigate the risks associated with this vulnerability.",Red Hat,"Red Hat Build Of Keycloak 22,Red Hat Build Of Keycloak 22.0.7,Red Hat Single Sign-on 7,Red Hat Single Sign-on 7.6 For Rhel 7,Red Hat Single Sign-on 7.6 For Rhel 8,Red Hat Single Sign-on 7.6 For Rhel 9,Rhel-8 Based Middleware Containers,Single Sign-on 7.6.6,Migration Toolkit For Applications 6,Migration Toolkit For Applications 7,Openshift Serverless,Red Hat Data Grid 8,Red Hat Decision Manager 7,Red Hat Fuse 7,Red Hat Jboss Data Grid 7,Red Hat Jboss Enterprise Application Platform 6,Red Hat Process Automation 7",7.1,HIGH,0.003389999968931079,false,,false,false,false,,,false,false,,2024-01-26T14:23:43.185Z,0
CVE-2023-6927,https://securityvulnerability.io/vulnerability/CVE-2023-6927,"Keycloak: open redirect via ""form_post.jwt"" jarm response mode","A flaw was found in Keycloak. This issue may allow an attacker to steal authorization codes or tokens from clients using a wildcard in the JARM response mode ""form_post.jwt"" which could be used to bypass the security patch implemented to address CVE-2023-6134.",Red Hat,"Red Hat Build Of Keycloak 22,Red Hat Build Of Keycloak 22.0.8,Red Hat Single Sign-on 7.0,Red Hat Single Sign-on 7.6 For Rhel 7,Red Hat Single Sign-on 7.6 For Rhel 8,Red Hat Single Sign-on 7.6 For Rhel 9,Rhel-8 Based Middleware Containers,Single Sign-on 7.6.6",4.6,MEDIUM,0.00443999981507659,false,,false,false,false,,,false,false,,2023-12-18T23:15:00.000Z,0
CVE-2023-6134,https://securityvulnerability.io/vulnerability/CVE-2023-6134,Keycloak: reflected xss via wildcard in oidc redirect_uri,"A flaw was found in Keycloak that prevents certain schemes in redirects, but permits them if a wildcard is appended to the token. This issue could allow an attacker to submit a specially crafted request leading to cross-site scripting (XSS) or further attacks. This flaw is the result of an incomplete fix for CVE-2020-10748.",Red Hat,"Red Hat Build Of Keycloak 22,Red Hat Build Of Keycloak 22.0.7,Red Hat Single Sign-on 7.0,Red Hat Single Sign-on 7.6 For Rhel 7,Red Hat Single Sign-on 7.6 For Rhel 8,Red Hat Single Sign-on 7.6 For Rhel 9,Rhel-8 Based Middleware Containers,Single Sign-on 7.6.6",4.6,MEDIUM,0.001500000013038516,false,,false,false,false,,,false,false,,2023-12-14T22:15:00.000Z,0