#VU70169 Path traversal in Keycloak - CVE-2022-3782


Vulnerability identifier: #VU70169

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-3782

CWE-ID: CWE-22

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Keycloak
Server applications / Directory software, identity management

Vendor: Keycloak

Description

The vulnerability allows a remote attacker to perform path traversal attacks.

The vulnerability exists due to insufficient validation of URLs included in a redirect. A remote attacker can construct a malicious request to bypass validation by using double encoding, access other URLs and potentially sensitive information within the domain.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Keycloak: 1.0 - 19.0.3, 20.0.0

External links
https://github.com/keycloak/keycloak/security/advisories/GHSA-g8q8-fggx-9r3q

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Red Hat Process Automation Manager 7.13
Multiple vulnerabilities in Red Hat Integration - Service Registry
Multiple vulnerabilities in IBM Business Automation Manager Open Editions
Multiple vulnerabilities in Red Hat AMQ Broker 7.10
Multiple vulnerabilities in Red Hat Migration Toolkit for Applications
Multiple vulnerabilities in Red Hat AMQ Broker
Multiple vulnerabilities in Migration Toolkit for Runtimes
Multiple vulnerabilities in Red Hat Single Sign-On 7.6
Multiple vulnerabilities in Red Hat Single Sign-On 7.6 for RHEL 7
Multiple vulnerabilities in Red Hat Single Sign-On 7.6 for RHEL 8