SB2018112305 - Red Hat update for keycloak

Published: November 23, 2018 Updated: November 23, 2018

Security Bulletin ID: SB2018112305
Severity: Low
Patch available: YES
Number of vulnerabilities: 4
Exploitation vector: Remote access
Highest impact: Data manipulation

Breakdown by Severity

Low: 100%

Description

This security bulletin contains information about 4 security vulnerabilities.


1) Information disclosure (CVE-ID: CVE-2018-10894)

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The vulnerability exists because SAML authentication incorrectly accepts expired certificates. A remote attacker can supply specially crafted certificates and gain access to potentially sensitive information.


2) Cross-site scripting (CVE-ID: CVE-2018-14655)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data: when 'response_mode=form_post' is used, arbitrary JavaScript can be injected via the 'state' parameter in the authentication URL. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.
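The following is an added example, not Keycloak's code or anything from the bulletin, showing why the 'state' parameter matters in a form_post response: the authorization server renders an HTML page whose form auto-submits 'code' and 'state' back to the client, and 'state' is chosen by whoever built the authentication URL. The vulnerable renderer interpolates it unescaped; the hardened renderer escapes every value for HTML attribute context. The redirect URI, code and state values are constructed for the demonstration.

```python
"""Added example (not Keycloak code): safe rendering of an OAuth 2.0
'response_mode=form_post' page.

The 'state' value is attacker-choosable, so copying it into the page unescaped
turns the page itself into the XSS vector. All values below are constructed.
"""
import html
import re
from typing import List, Optional

# Constructed values; nothing here comes from a real deployment.
REDIRECT_URI = "https://client.example/callback"
AUTH_CODE = "c0de-example"
MALFORMED_STATE = '"><b>injected</b>'

# Tags the auto-submit page is expected to contain, and nothing else.
EXPECTED_TAGS = {"html", "body", "form", "input"}


def render_form_post_vulnerable(redirect_uri: str, code: str, state: str) -> str:
    """Naive rendering: values are interpolated into attribute context as-is."""
    return (
        '<html><body onload="document.forms[0].submit()">'
        f'<form method="post" action="{redirect_uri}">'
        f'<input type="hidden" name="code" value="{code}"/>'
        f'<input type="hidden" name="state" value="{state}"/>'
        "</form></body></html>"
    )


def render_form_post_hardened(redirect_uri: str, code: str, state: str) -> str:
    """Same page, but every value is escaped for HTML attribute context.

    html.escape(quote=True) turns & < > " ' into entities, so a value can
    never terminate the attribute or open a new tag.
    """
    def esc(value: str) -> str:
        return html.escape(value, quote=True)

    return (
        '<html><body onload="document.forms[0].submit()">'
        f'<form method="post" action="{esc(redirect_uri)}">'
        f'<input type="hidden" name="code" value="{esc(code)}"/>'
        f'<input type="hidden" name="state" value="{esc(state)}"/>'
        "</form></body></html>"
    )


def hidden_field_value(page: str, name: str) -> Optional[str]:
    """Read a hidden input back roughly the way a browser would: the attribute
    ends at the first '"', and entities are decoded afterwards."""
    m = re.search(rf'name="{re.escape(name)}" value="([^"]*)"', page)
    return html.unescape(m.group(1)) if m else None


def unexpected_tags(page: str) -> List[str]:
    """Detection check for the rendered page: any tag outside the expected set
    means a parameter broke out of its attribute."""
    return [t for t in re.findall(r"<(\w+)", page) if t not in EXPECTED_TAGS]


if __name__ == "__main__":
    bad = render_form_post_vulnerable(REDIRECT_URI, AUTH_CODE, MALFORMED_STATE)
    good = render_form_post_hardened(REDIRECT_URI, AUTH_CODE, MALFORMED_STATE)
    print("vulnerable page, injected tags:", unexpected_tags(bad))
    print("hardened page, state round-trips:",
          hidden_field_value(good, "state") == MALFORMED_STATE)
```

Note that escaping does not alter the value the client receives: the browser decodes the entities before posting, so the hardened page still returns the original 'state' string, which the client needs intact for its CSRF check. In the vulnerable page the injected quote ends the attribute early and the posted 'state' is empty.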


3) Brute-force attack (CVE-ID: CVE-2018-14657)

The vulnerability allows a remote attacker to perform a brute-force attack on the target system.

The vulnerability exists because the Brute Force detection algorithm does not enforce its protection measures when TOTP is enabled. A remote attacker can perform a brute-force attack, bypass authentication and gain access to the system.

Successful exploitation of this vulnerability may result in unauthorized access to the system.
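The following is an added example, not Keycloak's code, of brute-force protection that covers every step of the login flow. The flaw class described above is a detector that counts password failures but not second-factor failures, so OTP codes can be guessed without triggering a lockout. Here one per-user failure counter is fed by both the password step and the TOTP step; the `count_otp_failures=False` switch reproduces the flawed behaviour for comparison. The account, password, OTP code and limits are constructed for the demonstration.

```python
"""Added example (not Keycloak code): a brute-force detector that counts
failures from both the password step and the TOTP step of a login.

The account and its credentials are constructed; a real system would store a
password hash and a TOTP secret and verify a time-based code.
"""
import hmac
import time
from collections import defaultdict
from typing import Callable, Dict

MAX_FAILURES = 5          # constructed limit
LOCKOUT_SECONDS = 60      # constructed lockout

# Constructed account.
USERS: Dict[str, Dict[str, str]] = {
    "alice": {"password": "correct-horse", "totp": "123456"},
}


class BruteForceProtector:
    """Per-user failure counter with a temporary lockout; the clock is
    injectable so the lockout can be tested without sleeping."""

    def __init__(self, max_failures: int = MAX_FAILURES,
                 lockout: float = LOCKOUT_SECONDS,
                 clock: Callable[[], float] = time.monotonic):
        self.max_failures = max_failures
        self.lockout = lockout
        self.clock = clock
        self.failures: Dict[str, int] = defaultdict(int)
        self.locked_until: Dict[str, float] = {}

    def is_locked(self, user: str) -> bool:
        until = self.locked_until.get(user)
        if until is None:
            return False
        if self.clock() >= until:          # lockout expired: reset and allow
            del self.locked_until[user]
            self.failures[user] = 0
            return False
        return True

    def record_failure(self, user: str) -> None:
        self.failures[user] += 1
        if self.failures[user] >= self.max_failures:
            self.locked_until[user] = self.clock() + self.lockout

    def record_success(self, user: str) -> None:
        self.failures[user] = 0


def _eq(a: str, b: str) -> bool:
    """Constant-time string comparison."""
    return hmac.compare_digest(a.encode(), b.encode())


def login(protector: BruteForceProtector, user: str, password: str, otp: str,
          count_otp_failures: bool = True) -> str:
    """Two-step login; returns 'ok', 'locked' or 'denied'.

    The lock is checked once, before either factor is evaluated, and a wrong
    OTP feeds the same counter as a wrong password when count_otp_failures is
    True (the fix). With False, OTP failures are invisible to the detector.
    """
    if protector.is_locked(user):
        return "locked"
    record = USERS.get(user)
    if record is None or not _eq(password, record["password"]):
        protector.record_failure(user)
        return "denied"
    if not _eq(otp, record["totp"]):
        if count_otp_failures:
            protector.record_failure(user)
        return "denied"
    protector.record_success(user)
    return "ok"


def evaluated_otp_attempts(count_otp_failures: bool, attempts: int = 20) -> int:
    """Regression check: with the correct password and a wrong OTP submitted
    'attempts' times, how many submissions are evaluated before the lockout
    engages? A covered second factor stops at MAX_FAILURES."""
    protector = BruteForceProtector()
    evaluated = 0
    for _ in range(attempts):
        if login(protector, "alice", "correct-horse", "000000",
                 count_otp_failures) == "denied":
            evaluated += 1
    return evaluated


if __name__ == "__main__":
    print("OTP step covered:   ", evaluated_otp_attempts(True), "attempts evaluated")
    print("OTP step uncovered: ", evaluated_otp_attempts(False), "attempts evaluated")
```

The regression check is the kind of test worth keeping in a login service: it asserts that the number of second-factor submissions a single account will evaluate is bounded by the same limit as password attempts.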

4) Open redirect (CVE-ID: CVE-2018-14658)

The vulnerability allows a remote unauthenticated attacker to redirect the target user to external websites.

The weakness exists because the redirect URLs for both login and logout are not normalized in org.keycloak.protocol.oidc.utils.RedirectUtils before they are verified. A remote attacker can trick the victim into visiting a specially crafted website and redirect the user to a malicious website.
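The following is an added example, not Keycloak's code and not a reconstruction of RedirectUtils, of normalizing a redirect URL before it is matched against the registered redirect URIs. Comparing the raw string against an allow-list pattern is the weakness class described above: two spellings of the same destination can disagree with the check. The normalizer lowercases scheme and host, drops default ports, rejects userinfo, resolves '.' and '..' segments and treats backslash as slash (which browsers do for http(s) URLs). The host names, paths and allow-list pattern are constructed; `naive_is_allowed` is included only to show what the unnormalized check gets wrong.

```python
"""Added example (not Keycloak code): normalize a redirect URL, then match it
against an allow-list. Hosts and patterns are constructed.
"""
import posixpath
from typing import Iterable, Optional
from urllib.parse import urlsplit, urlunsplit

DEFAULT_PORTS = {"http": 80, "https": 443}

# Constructed allow-list: a trailing '*' means "any path below this prefix".
ALLOWED = ["https://app.example/app/*"]


def normalize(url: str) -> Optional[str]:
    """Canonical form of an http(s) URL, or None if it cannot be trusted."""
    url = url.replace("\\", "/")                 # browsers treat '\' as '/'
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS or not parts.hostname:
        return None
    if parts.username is not None or parts.password is not None:
        return None                              # userinfo has no place in a redirect target
    try:
        port = parts.port                        # raises on a non-numeric port
    except ValueError:
        return None
    host = parts.hostname.lower()
    netloc = host if port in (None, DEFAULT_PORTS[scheme]) else f"{host}:{port}"
    path = posixpath.normpath(parts.path or "/")  # resolves '.', '..' and '//'
    if path.startswith("//"):                    # normpath keeps a leading '//'
        path = "/" + path.lstrip("/")
    if parts.path.endswith("/") and path != "/":
        path += "/"                              # normpath drops a trailing '/'
    return urlunsplit((scheme, netloc, path, parts.query, ""))


def naive_is_allowed(url: str, allowed: Iterable[str]) -> bool:
    """The flawed check: raw string prefix match with no normalization."""
    return any(url.startswith(p[:-1]) if p.endswith("*") else url == p
               for p in allowed)


def is_allowed_redirect(url: str, allowed: Iterable[str]) -> bool:
    """Normalize both the candidate and each pattern, then match exactly or by
    normalized prefix. The prefix always ends in '/', so '/app/*' cannot match
    '/application'."""
    norm = normalize(url)
    if norm is None:
        return False
    for pattern in allowed:
        if pattern.endswith("*"):
            base = normalize(pattern[:-1])
            if base is not None and norm.startswith(base):
                return True
        elif norm == normalize(pattern):
            return True
    return False


if __name__ == "__main__":
    for candidate in ["https://app.example/app/callback",
                      "HTTPS://App.Example:443/app/callback",
                      "https://app.example/app/../admin/reset",
                      "https://user@app.example/app/callback"]:
        print(f"{candidate:45} naive={naive_is_allowed(candidate, ALLOWED)!s:5} "
              f"normalized={is_allowed_redirect(candidate, ALLOWED)}")
```

The two checks disagree in both directions: the naive one accepts a path that escapes the allowed prefix through '..' and rejects a legitimate URL whose scheme and host merely differ in case. Normalizing before verification removes both errors and is also the place to reject forms (userinfo, bad ports) that a redirect target should never carry.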

Remediation

Install the update from the vendor's website.