CVE-2024-8698

high

Description

A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.
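To make the distinction in the description concrete, here is a small added audit script (not Keycloak's code, and not a substitute for real XML signature verification) that determines what each `ds:Signature` in a SAML Response covers by resolving its `ds:Reference` URI to the element carrying that ID, and compares that with the position-based heuristic the description warns against. Function names, the two embedded sample responses and their ID values are constructed for this example; the script flags any signature whose position and reference disagree, which is the condition a reviewer or detection rule would want to surface.

```python
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
DS_SIGNATURE = "{%s}Signature" % NS["ds"]
DS_REFERENCE = ".//{%s}Reference" % NS["ds"]
SAML_ASSERTION = "{%s}Assertion" % NS["saml"]


def index_by_id(root):
    """Map every ID attribute to its element; SAML puts ID on Response and Assertion."""
    ids = {}
    for el in root.iter():
        el_id = el.get("ID")
        if el_id is not None:
            if el_id in ids:
                raise ValueError(f"duplicate ID {el_id!r}")
            ids[el_id] = el
    return ids


def position_based_scope(sig, root):
    """The flawed heuristic: a Signature that is a direct child of the Response
    is assumed to sign the whole document, anything deeper to sign an Assertion."""
    parent_map = {child: parent for parent in root.iter() for child in parent}
    return "document" if parent_map.get(sig) is root else "assertion"


def reference_based_scope(sig, ids, root):
    """The correct determination: scope is whatever the ds:Reference URI resolves to."""
    refs = sig.findall(DS_REFERENCE)
    if len(refs) != 1:
        raise ValueError("expected exactly one ds:Reference in the signature")
    uri = refs[0].get("URI", "")
    if uri == "":
        return "document"  # empty URI means the enclosing document (XMLDSig)
    if not uri.startswith("#"):
        raise ValueError(f"unsupported reference URI {uri!r}")
    target = ids.get(uri[1:])
    if target is None:
        raise ValueError(f"reference {uri!r} does not resolve to any ID")
    if target is root:
        return "document"
    if target.tag == SAML_ASSERTION:
        return "assertion"
    raise ValueError(f"reference {uri!r} points at unexpected element {target.tag}")


def audit_signatures(xml_text):
    """Return one finding per signature; 'mismatch' is True when the position
    heuristic would classify the signature differently from its Reference."""
    root = ET.fromstring(xml_text)
    ids = index_by_id(root)
    findings = []
    for sig in root.iter(DS_SIGNATURE):
        pos = position_based_scope(sig, root)
        ref = reference_based_scope(sig, ids, root)
        findings.append({"position": pos, "reference": ref, "mismatch": pos != ref})
    return findings


# Constructed sample: the Signature sits at Response level, but its Reference
# only covers the Assertion. The position heuristic calls it a document
# signature; the Reference says otherwise.
SAMPLE_MISMATCH = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" ID="_resp1">
  <ds:Signature><ds:SignedInfo><ds:Reference URI="#_asrt1"/></ds:SignedInfo></ds:Signature>
  <saml:Assertion ID="_asrt1"/>
</samlp:Response>"""

# Constructed sample: position and Reference agree for both signatures.
SAMPLE_CONSISTENT = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" ID="_resp2">
  <ds:Signature><ds:SignedInfo><ds:Reference URI="#_resp2"/></ds:SignedInfo></ds:Signature>
  <saml:Assertion ID="_asrt2">
    <ds:Signature><ds:SignedInfo><ds:Reference URI="#_asrt2"/></ds:SignedInfo></ds:Signature>
  </saml:Assertion>
</samlp:Response>"""

if __name__ == "__main__":
    for name, sample in (("mismatch", SAMPLE_MISMATCH), ("consistent", SAMPLE_CONSISTENT)):
        for finding in audit_signatures(sample):
            print(name, finding)
```

The script only classifies scope; a real validator must still canonicalize, verify the digest and signature value against a trusted key, and then apply the reference-derived scope when deciding which elements are trusted. Validators that also accept absolute or non-fragment URIs need their own handling; this example rejects them.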

References

https://securityonline.info/cve-2024-8698-keycloak-vulnerability-puts-saml-authentication-at-risk/?&web_view=true

https://github.com/keycloak/keycloak/blob/main/saml-core/src/main/java/org/keycloak/saml/processing/core/util/XMLSignatureUtil.java#L415

https://bugzilla.redhat.com/show_bug.cgi?id=2311641

https://access.redhat.com/security/cve/CVE-2024-8698

https://access.redhat.com/errata/RHSA-2024:6890

https://access.redhat.com/errata/RHSA-2024:6889

https://access.redhat.com/errata/RHSA-2024:6888

https://access.redhat.com/errata/RHSA-2024:6887

https://access.redhat.com/errata/RHSA-2024:6886

https://access.redhat.com/errata/RHSA-2024:6882

https://access.redhat.com/errata/RHSA-2024:6880

https://access.redhat.com/errata/RHSA-2024:6879

https://access.redhat.com/errata/RHSA-2024:6878

Details

Source: Mitre, NVD

Published: 2024-09-19

Updated: 2024-09-20

Risk Information

CVSS v2

Base Score: 6.1

Vector: CVSS2#AV:N/AC:H/Au:S/C:C/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.7

Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L

Severity: High