Vulnerability Name: CVE-2017-2582 (CCN-148175)
Assigned: 2016-12-01
Published: 2018-06-07
Updated: 2019-01-23
Summary: It was found that, while parsing SAML messages, the StaxParserUtil class of Keycloak before 2.5.1 replaces special strings in attribute values with the values of system properties. This could allow an attacker to determine the values of system properties on the attacked system by formatting the SAML request ID field as the chosen system property; the expanded value is then returned in the "InResponseTo" field of the response.
CVSS v3 Severity:
  - 6.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
  - 5.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
  - 4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
CVSS v2 Severity: 4.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N)
Vulnerability Type: CWE-200 (Information Exposure)
Vulnerability Consequences: Obtain Information
References:
  - Source: MITRE; Type: CNA; CVE-2017-2582
  - Source: BID; Type: Third Party Advisory, VDB Entry; 101046
  - Source: CCN; Type: BID-101046; Picketlink and KeyCloak CVE-2017-2582 Information Disclosure Vulnerability
  - Source: SECTRACK; Type: Third Party Advisory, VDB Entry; 1041707
  - Source: REDHAT; Type: Vendor Advisory; RHSA-2017:2808
  - Source: REDHAT; Type: Vendor Advisory; RHSA-2017:2809
  - Source: REDHAT; Type: Vendor Advisory; RHSA-2017:2810
  - Source: REDHAT; Type: Vendor Advisory; RHSA-2017:2811
  - Source: REDHAT; Type: Vendor Advisory; RHSA-2017:3216
  - Source: REDHAT; Type: Vendor Advisory; RHSA-2017:3217
  - Source: REDHAT; Type: Vendor Advisory; RHSA-2017:3218
  - Source: REDHAT; Type: Vendor Advisory; RHSA-2017:3219
  - Source: REDHAT; Type: Vendor Advisory; RHSA-2017:3220
  - Source: REDHAT; Type: Vendor Advisory; RHSA-2018:2740
  - Source: REDHAT; Type: Vendor Advisory; RHSA-2018:2741
  - Source: REDHAT; Type: Vendor Advisory; RHSA-2018:2742
  - Source: REDHAT; Type: Vendor Advisory; RHSA-2018:2743
  - Source: REDHAT; Type: UNKNOWN; RHSA-2019:0136
  - Source: REDHAT; Type: UNKNOWN; RHSA-2019:0137
  - Source: REDHAT; Type: UNKNOWN; RHSA-2019:0139
  - Source: CCN; Type: Red Hat Bugzilla; Bug 1410481 (CVE-2017-2582) CVE-2017-2582 picketlink, keycloak: SAML request parser replaces special strings with system properties
  - Source: CONFIRM; Type: Issue Tracking, Patch, Vendor Advisory; https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2582
  - Source: XF; Type: UNKNOWN; redhat-cve20172582-info-disc(148175)
  - Source: CONFIRM; Type: Patch, Third Party Advisory; https://github.com/keycloak/keycloak/pull/3715/commits/0cb5ba0f6e83162d221681f47b470c3042eef237
  - Source: CCN; Type: Keycloak Web site; Keycloak
  - Source: CCN; Type: WhiteSource Vulnerability Database; CVE-2017-2582
Vulnerable Configuration:
  Configuration 1:
  Configuration 2:
  Configuration CCN 1: