Description
The SAML broker consumer endpoint in Keycloak before version 4.6.0.Final ignores expiration conditions on SAML assertions. An attacker can exploit this vulnerability to perform a replay attack.
Remediation
References
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14637
Related Vulnerabilities
CVE-2020-13951 Vulnerability in maven package org.apache.openmeetings:openmeetings-server
CVE-2019-16777 Vulnerability in maven package org.webjars.npm:npm
CVE-2021-3780 Vulnerability in npm package peertube
CVE-2023-34612 Vulnerability in maven package com.helger.commons:ph-json
CVE-2021-32731 Vulnerability in maven package org.xwiki.platform:xwiki-platform-web