CVSSv3: 5.3

CVE-2020-10770

Published: 15/12/2020 Updated: 10/11/2022
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 446
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Summary

A flaw was found in Keycloak prior to 13.0.0, where it is possible to force the server to call out to an unverified URL using the OIDC parameter request_uri. This flaw allows a malicious user to use this parameter to execute a server-side request forgery (SSRF) attack.

Vulnerable Products

redhat keycloak

Vendor Advisories

Synopsis: Important: Red Hat Single Sign-On 7.4.5 security update. Type/Severity: Security Advisory: Important. Topic: A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulne ...
Synopsis: Moderate: Red Hat Single Sign-On 7.4.5 security update on RHEL 7. Type/Severity: Security Advisory: Moderate. Topic: New Red Hat Single Sign-On 7.4.5 packages are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Commo ...
Synopsis: Moderate: Red Hat Single Sign-On 7.4.5 security update on RHEL 6. Type/Severity: Security Advisory: Moderate. Topic: New Red Hat Single Sign-On 7.4.5 packages are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Commo ...
Synopsis: Moderate: Red Hat Single Sign-On 7.4.5 security update on RHEL 8. Type/Severity: Security Advisory: Moderate. Topic: New Red Hat Single Sign-On 7.4.5 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Commo ...
A flaw was found in Keycloak before 13.0.0, where it is possible to force the server to call out to an unverified URL using the OIDC parameter request_uri. This flaw allows an attacker to use this parameter to execute a server-side request forgery (SSRF) attack ...
Multiple vulnerabilities have been found in Hitachi Ops Center Common Services: CVE-2020-1695, CVE-2020-1723, CVE-2020-1725, CVE-2020-10770, CVE-2020-14302, CVE-2020-15522, CVE-2020-25711, CVE-2020-27838, CVE-2020-28052, CVE-2020-28491, CVE-2021-3424, CVE-2021-3712, CVE-2021-20195, CVE-2021-20202, CVE-2021-20222, CVE-2021-20262, CVE-2021-21290, C ...

Exploits

Keycloak version 12.0.1 suffers from a blind server-side request forgery vulnerability ...

Github Repositories

Keycloak Blind SSRF POC. This is a step-by-step walk-through about how to test the Blind SSRF (CVE-2020-10770) found by Lauritz Holtmann and documented in his blog post. He also briefly explained how to test it; this is just a more detailed explanation. All credits go to Lauritz. Setup: I use Docker on Mac OSX here. I needed three shells, one running the Keycloak instance, one fo

Keycloak 12.0.1 - 'request_uri' Blind Server-Side Request Forgery (SSRF) (Unauthenticated)

Keycloak-1201-CVE-2020-10770: Keycloak 12.0.1 - 'request_uri' Blind Server-Side Request Forgery (SSRF) (Unauthenticated). Exploit-DB-50405. Expected outcome: Port scan of localhost or internally accessible hosts. Intended only for educational and testing in corporate environments. This exploit was tested on Python 3.8.6. Vulnerable application: docker run -p 9990:99