Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2020-27838: Improper Authentication in Redhat Keycloak

Severity: 6.5 MEDIUM (NVD)
EPSS: 85.1% (top 0.64%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Timeline: Published Mar 8; Latest update May 24

Description

A flaw was found in Keycloak in versions prior to 13.0.0. The client registration endpoint allows fetching information about PUBLIC clients (including the client secret) without authentication, which becomes a problem if the same PUBLIC client is later changed to CONFIDENTIAL. The highest threat from this vulnerability is to data confidentiality.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Exploitability: 2.8 | Impact: 3.6

Affected Packages (3 packages)

NVD: redhat/keycloak < 13.0.0
CVEListV5: redhat/keycloak, keycloak 13.0.0

Vulnerability Details (3)

OSV: Keycloak discloses information without authentication (2022-05-24)
GHSA: Keycloak discloses information without authentication (2022-05-24)
CVEList: CVE-2020-27838: A flaw was found in keycloak in versions prior to 13 (2021-03-08)

Exploits & PoCs (1)

Nuclei: KeyCloak - Information Exposure

Vendor Advisories (1)

Red Hat: keycloak: Exploiting the client registration API (2020-12-11)
CVE-2020-27838 — Improper Authentication in Redhat | cvebase