A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.
Metrics
Affected Vendors & Products
References
History
Fri, 13 Dec 2024 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Tue, 05 Nov 2024 03:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:jboss_enterprise_application_platform:8.0 cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8 cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9 |
|
References |
|
Thu, 19 Sep 2024 20:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhosemc
|
|
CPEs | cpe:/a:redhat:build_keycloak:22 cpe:/a:redhat:build_keycloak:22::el9 cpe:/a:redhat:build_keycloak:24 cpe:/a:redhat:build_keycloak:24::el9 cpe:/a:redhat:red_hat_single_sign_on:7.6 cpe:/a:redhat:red_hat_single_sign_on:7.6::el7 cpe:/a:redhat:red_hat_single_sign_on:7.6::el8 cpe:/a:redhat:red_hat_single_sign_on:7.6::el9 cpe:/a:redhat:rhosemc:1.0::el8 |
|
Vendors & Products |
Redhat rhosemc
|
|
References |
|
|
Thu, 19 Sep 2024 19:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
threat_severity
|
Thu, 19 Sep 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 19 Sep 2024 16:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks. | |
Title | Keycloak-saml-core: improper verification of saml responses leading to privilege escalation in keycloak | |
First Time appeared |
Redhat
Redhat build Keycloak Redhat jboss Enterprise Application Platform Redhat red Hat Single Sign On |
|
Weaknesses | CWE-347 | |
CPEs | cpe:/a:redhat:build_keycloak: cpe:/a:redhat:jboss_enterprise_application_platform:8 cpe:/a:redhat:red_hat_single_sign_on:7 |
|
Vendors & Products |
Redhat
Redhat build Keycloak Redhat jboss Enterprise Application Platform Redhat red Hat Single Sign On |
|
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2024-09-19T15:48:18.464Z
Updated: 2024-12-13T14:15:19.702Z
Reserved: 2024-09-11T12:55:53.092Z
Link: CVE-2024-8698
Vulnrichment
Updated: 2024-09-19T17:57:02.926Z
NVD
Status : Awaiting Analysis
Published: 2024-09-19T16:15:06.177
Modified: 2024-12-12T20:15:22.150
Link: CVE-2024-8698
Redhat