6.8

CVE-2021-3827

EPSS 0.22%
Published 23.08.2022 16:15:10
Last modified 21.11.2024 06:22:33
Source secalert@redhat.com
Teams watchlist Login
Open Login

A flaw was found in keycloak, where the default ECP binding flow allows other authentication flows to be bypassed. By exploiting this behavior, an attacker can bypass the MFA authentication by sending a SOAP request with an AuthnRequest and Authorization header with the user's credentials. The highest threat from this vulnerability is to confidentiality and integrity.

Affected products Warnungen 0 Metrics 2 CWE 1 References 7

Data is provided by the National Vulnerability Database (NVD)

Redhat ≫ Keycloak Version < 18.0.0

Redhat ≫ Single Sign-on Version7.0

Redhat ≫ Single Sign-on Version7.5.0

Redhat ≫ Enterprise Linux Version7.0
Redhat ≫ Enterprise Linux Version8.0 SwEdition-

Redhat ≫ Openshift Container Platform Version4.8

Redhat ≫ Enterprise Linux Version8.0

Redhat ≫ Openshift Container Platform Version4.9

Redhat ≫ Enterprise Linux Version8.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.22%	0.445

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.8	1.6	5.2	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

https://access.redhat.com/security/cve/CVE-2021-3827

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=2007512

Vendor Advisory

Issue Tracking

https://github.com/keycloak/keycloak/commit/44000caaf5051d7f218d1ad79573bd3d175cad0d

Patch

Third Party Advisory

https://github.com/keycloak/keycloak/security/advisories/GHSA-4pc7-vqv5-5r3v

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-3827

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-3827

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-3827

EUVD