CVE-2019-10201 (DEPRECATED): Authentication Bypass Issues in Redhat Keycloak

Severity: 8.1 HIGH (NVD)
EPSS: 0.1% (top 66.65%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Aug 14; Latest update Sep 23

Description

It was found that Keycloak's SAML broker, versions up to 6.0.1, did not verify missing message signatures. If an attacker modifies the SAML Response and removes the signature sections, the message is still accepted, and its contents can be modified. An attacker could use this flaw to impersonate other users and gain access to sensitive information.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Exploitability: 2.8 | Impact: 5.2

Affected Packages (3 packages)

NVD: redhat/keycloak 6.0.1
CVEListV5: red_hat/keycloak up to keycloak 6.0.1
NVD: redhat/single_sign-on 7.0, 7.3.3+1

Vulnerability Details (3)

OSV: Improper Verification of Cryptographic Signature in keycloak (2019-09-23)
GHSA: Improper Verification of Cryptographic Signature in keycloak (2019-09-23)
CVEList: CVE-2019-10201: It was found that Keycloak's SAML broker, versions up to 6 (2019-08-14)

Vendor Advisories (1)

Red Hat: keycloak: SAML broker does not check existence of signature on document allowing any user impersonation (2019-08-13)

Community (1)

Bugzilla: CVE-2019-10201 keycloak: SAML broker does not check existence of signature on document allowing any user impersonation (2019-07-10)
CVE-2019-10201 — Redhat Keycloak vulnerability | cvebase