CVE-2024-7260

Oct. 1, 2024, 2:15 p.m.

6.1
Medium

Description

An open redirect vulnerability was found in Keycloak. A specially crafted URL can be constructed where the referrer and referrer_uri parameters are made to trick a user to visit a malicious webpage. A trusted URL can trick users and automation into believing that the URL is safe, when, in fact, it redirects to a malicious server. This issue can result in a victim inadvertently trusting the destination of the redirect, potentially leading to a successful phishing attack or other types of attacks. Once a crafted URL is made, it can be sent to a Keycloak admin via email for example. This will trigger this vulnerability when the user visits the page and clicks the link. A malicious actor can use this to target users they know are Keycloak admins for further attacks. It may also be possible to bypass other domain-related security checks, such as supplying this as a OAuth redirect uri. The malicious actor can further obfuscate the redirect_uri using URL encoding, to hide the text of the actual malicious website domain.

Product(s) Impacted

Vendor Product Versions
Redhat
  • Build Of Keycloak
  • Keycloak
  • *
  • *

Weaknesses

CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.

*CPE(s)

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a redhat build_of_keycloak / / / / / / / /
a redhat keycloak / / / / / / / /

References

https://access.redhat.com/errata/RHSA-2024:6502
https://access.redhat.com/errata/RHSA-2024:6503
https://access.redhat.com/security/cve/CVE-2024-7260
https://bugzilla.redhat.com/show_bug.cgi?id=2301875

Tags

secalert@redhat.com
CWE-601
2024-09-09
CVE-2024-7260

CVSS Score

6.1 / 10

CVSS Data

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • Scope: CHANGED
  • Confidentiality Impact: LOW
  • Integrity Impact: LOW
  • Availability Impact: NONE
    • View Vector String

    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Date

  • Published: Sept. 9, 2024, 7:15 p.m.
  • Last Modified: Oct. 1, 2024, 2:15 p.m.

Status : Modified

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

secalert@redhat.com

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.