Multiple vulnerabilities in Red Hat Single Sign-On 7.6 for RHEL 8
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2024-4629 CVE-2024-7341 CVE-2024-5967 |
| CWE-ID | CWE-307 CWE-384 CWE-200 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
rh-sso7-keycloak (Red Hat package) Operating systems & Components / Operating system package or component |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Improper Restriction of Excessive Authentication Attempts
EUVDB-ID: #VU97468
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-4629
CWE-ID:
CWE-307 - Improper Restriction of Excessive Authentication Attempts
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a brute-force attack.
The vulnerability exists due to an error when handling unsuccessful login attempts. A remote attacker can initiate multiple login requests simultaneously and bypass the configured limits for failed attempts before the system locks them out.
Install updates from vendor's website.
rh-sso7-keycloak (Red Hat package): before 18.0.16-1.redhat_00001.1.el8sso
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:6494
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Session Fixation
EUVDB-ID: #VU97432
Risk: Medium
CVSSv3.1: 6.2 [CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-7341
CWE-ID:
CWE-384 - Session Fixation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the session fixation issue in the SAML adapters. A remote user who hijacks the current session before authentication can trigger session fixation.
MitigationInstall updates from vendor's website.
rh-sso7-keycloak (Red Hat package): before 18.0.16-1.redhat_00001.1.el8sso
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:6494
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Information disclosure
EUVDB-ID: #VU93095
Risk: Low
CVSSv3.1: 2.4 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-5967
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote user to gain access to potentially sensitive information.
The vulnerability exists due to the LDAP testing endpoint allows to change the Connection URL independently
of and without having to re-enter the currently configured LDAP bind
credentials. A remote privileged user can modify the LDAP host URL ("Connection URL") to the attacker-controlled system and force the application to send credentials to a malicious server.
Install updates from vendor's website.
rh-sso7-keycloak (Red Hat package): before 18.0.16-1.redhat_00001.1.el8sso
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2024:6494
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
