Description

Red Hat Keycloak before version 2.4.0 did not correctly check permissions when handling service account user deletion requests sent to the rest server. An attacker with service account authentication could use this flaw to bypass normal permissions and delete users in a separate realm.

Remediation

References

http://rhn.redhat.com/errata/RHSA-2017-0876.html

http://www.securityfocus.com/bid/97392

http://www.securitytracker.com/id/1038180

https://access.redhat.com/errata/RHSA-2017:0872

https://access.redhat.com/errata/RHSA-2017:0873

https://bugzilla.redhat.com/show_bug.cgi?id=1388988

Related Vulnerabilities

CVE-2015-7520 Vulnerability in maven package org.apache.wicket:wicket-core

CVE-2022-45400 Vulnerability in maven package org.jvnet.hudson.plugins:japex

CVE-2021-42340 Vulnerability in maven package org.apache.tomcat:tomcat-websocket

CVE-2022-25898 Vulnerability in maven package org.webjars.npm:jsrsasign

CVE-2020-7656 Vulnerability in maven package org.fujion.webjars:jquery

Severity

High

Classification

CWE-264 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Tags

Third Party Advisory VDB Entry Vendor Advisory Issue Tracking