[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249622

 
 

909

 
 

195549

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2017-2582Date: (C)2018-07-30   (M)2023-12-22


It was found that while parsing the SAML messages the StaxParserUtil class of keycloak before 2.5.1 replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the "InResponseTo" field in the response.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 6.5CVSS Score : 4.0
Exploit Score: 2.8Exploit Score: 8.0
Impact Score: 3.6Impact Score: 2.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: NETWORKAccess Vector: NETWORK
Attack Complexity: LOWAccess Complexity: LOW
Privileges Required: LOWAuthentication: SINGLE
User Interaction: NONEConfidentiality: PARTIAL
Scope: UNCHANGEDIntegrity: NONE
Confidentiality: HIGHAvailability: NONE
Integrity: NONE 
Availability: NONE 
  
Reference:
BID-101046
SECTRACK-1041707
RHSA-2017:2808
RHSA-2017:2809
RHSA-2017:2810
RHSA-2017:2811
RHSA-2017:3216
RHSA-2017:3217
RHSA-2017:3218
RHSA-2017:3219
RHSA-2017:3220
RHSA-2018:2740
RHSA-2018:2741
RHSA-2018:2742
RHSA-2018:2743
RHSA-2019:0136
RHSA-2019:0137
RHSA-2019:0139
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2582
https://github.com/keycloak/keycloak/pull/3715/commits/0cb5ba0f6e83162d221681f47b470c3042eef237

CPE    3
cpe:/o:redhat:enterprise_linux:5.0
cpe:/o:redhat:enterprise_linux:7.0
cpe:/a:redhat:jboss_enterprise_application_platform:6.0.0
CWE    1
CWE-200

© SecPod Technologies