Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Redhat Subscribe
Filtered by product Single Sign-on
Total 74 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-10201 1 Redhat 2 Keycloak, Single Sign-on 2020-10-02 5.5 MEDIUM 8.1 HIGH
It was found that Keycloak's SAML broker, versions up to 6.0.1, did not verify missing message signatures. If an attacker modifies the SAML Response and removes the <Signature> sections, the message is still accepted, and the message can be modified. An attacker could use this flaw to impersonate other users and gain access to sensitive information.
CVE-2020-10748 1 Redhat 2 Keycloak, Single Sign-on 2020-09-28 4.3 MEDIUM 6.1 MEDIUM
A flaw was found in Keycloak's data filter, in version 10.0.1, where it allowed the processing of data URLs in some circumstances. This flaw allows an attacker to conduct cross-site scripting or further attacks.
CVE-2020-1710 1 Redhat 4 Jboss Data Grid, Jboss Enterprise Application Platform, Openshift Application Runtimes and 1 more 2020-09-22 5.0 MEDIUM 5.3 MEDIUM
The issue appears to be that JBoss EAP 6.4.21 does not parse the field-name in accordance to RFC7230[1] as it returns a 200 instead of a 400.
CVE-2020-1757 1 Redhat 6 Jboss Data Grid, Jboss Enterprise Application Platform, Jboss Fuse and 3 more 2020-04-30 5.5 MEDIUM 8.1 HIGH
A flaw was found in all undertow-2.x.x SP1 versions prior to undertow-2.0.30.SP1, all undertow-1.x.x and undertow-2.x.x versions prior to undertow-2.1.0.Final, where the Servlet container causes servletPath to normalize incorrectly by truncating the path after semicolon which may lead to an application mapping resulting in the security bypass.
CVE-2020-1697 1 Redhat 2 Keycloak, Single Sign-on 2020-03-11 3.5 LOW 5.4 MEDIUM
It was found in all keycloak versions before 9.0.0 that links to external applications (Application Links) in the admin console are not validated properly and could allow Stored XSS attacks. An authed malicious user could create URLs to trick users in other realms, and possibly conduct further attacks.
CVE-2019-14843 1 Redhat 2 Jboss Enterprise Application Platform, Single Sign-on 2020-01-15 6.5 MEDIUM 8.8 HIGH
A flaw was found in Wildfly Security Manager, running under JDK 11 or 8, that authorized requests for any requester. This flaw could be used by a malicious app deployed on the app server to access unauthorized information and possibly conduct further attacks. Versions shipped with Red Hat Jboss EAP 7 and Red Hat SSO 7 are vulnerable to this issue.
CVE-2019-14837 1 Redhat 2 Keycloak, Single Sign-on 2020-01-15 6.4 MEDIUM 9.1 CRITICAL
A flaw was found in keycloack before version 8.0.0. The owner of 'placeholder.org' domain can setup mail server on this domain and knowing only name of a client can reset password and then log in. For example, for client name 'test' the email address will be 'service-account-test@placeholder.org'.
CVE-2019-3875 1 Redhat 2 Keycloak, Single Sign-on 2019-10-09 5.8 MEDIUM 4.8 MEDIUM
A vulnerability was found in keycloak before 6.0.2. The X.509 authenticator supports the verification of client certificates through the CRL, where the CRL list can be obtained from the URL provided in the certificate itself (CDP) or through the separately configured path. The CRL are often available over the network through unsecured protocols ('http' or 'ldap') and hence the caller should verify the signature and possibly the certification path. Keycloak currently doesn't validate signatures on CRL, which can result in a possibility of various attacks like man-in-the-middle.
CVE-2019-3872 1 Redhat 3 Enterprise Linux, Jboss Enterprise Application Platform, Single Sign-on 2019-10-09 3.5 LOW 5.4 MEDIUM
It was found that a SAMLRequest containing a script could be processed by Picketlink versions shipped in Jboss Application Platform 7.2.x and 7.1.x. An attacker could use this to send a malicious script to achieve cross-site scripting and obtain unauthorized information or conduct further attacks.
CVE-2019-10157 1 Redhat 2 Keycloak, Single Sign-on 2019-10-09 2.1 LOW 5.5 MEDIUM
It was found that Keycloak's Node.js adapter before version 4.8.3 did not properly verify the web token received from the server in its backchannel logout . An attacker with local access could use this to construct a malicious web token setting an NBF parameter that could prevent user access indefinitely.
CVE-2018-14655 1 Redhat 3 Keycloak, Linux, Single Sign-on 2019-10-09 3.5 LOW 5.4 MEDIUM
A flaw was found in Keycloak 3.4.3.Final, 4.0.0.Beta2, 4.3.0.Final. When using 'response_mode=form_post' it is possible to inject arbitrary Javascript-Code via the 'state'-parameter in the authentication URL. This allows an XSS-Attack upon succesfully login.
CVE-2018-10894 1 Redhat 3 Enterprise Linux, Keycloak, Single Sign-on 2019-10-09 5.5 MEDIUM 5.4 MEDIUM
It was found that SAML authentication in Keycloak 3.4.3.Final incorrectly authenticated expired certificates. A malicious user could use this to access unauthorized data or possibly conduct further attacks.
CVE-2019-3873 1 Redhat 3 Enterprise Linux, Jboss Enterprise Application Platform, Single Sign-on 2019-07-06 6.0 MEDIUM 9.0 CRITICAL
It was found that Picketlink as shipped with Jboss Enterprise Application Platform 7.2 would accept an xinclude parameter in SAMLresponse XML. An attacker could use this flaw to send a URL to achieve cross-site scripting or possibly conduct further attacks.
CVE-2018-10934 1 Redhat 3 Enterprise Linux Server, Jboss Enterprise Application Platform, Single Sign-on 2019-06-11 3.5 LOW 5.4 MEDIUM
A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions before 7.1.6.CR1, 7.1.6.GA. Users with roles that can create objects in the application can exploit this to attack other privileged users.