Bug 2262849 (CVE-2024-1233)

Summary: CVE-2024-1233 JBoss EAP: wildfly-elytron has a SSRF security issue
Product: Security Response
Reporter: Rohit Keshri <rkeshri>
Component: vulnerability
Assignee: Product Security <prodsec-ir-bot>
Status: NEW
Severity: medium
Priority: medium
Version: unspecified
CC: ahanwate, asoldano, bbaranow, bmaxwell, brian.stansberry, cdewolf, chazlett, darran.lofthouse, dkreling, dosoudil, fjuma, ivassile, iweiss, lgao, mosmerov, msochure, mstefank, msvehla, nwallace, pjindal, pmackay, rstancel, security-response-team, smaestri, tom.jenkinson
Keywords: Security, Tracking
Hardware: All
OS: Linux
Doc Text:
A flaw was found in `JwtValidator.resolvePublicKey` in JBoss EAP: the validator reads the `jku` header of a token and sends an HTTP request to the URL it names. No allow-listing or other filtering is applied to that destination URL, so an attacker-supplied `jku` can make the server issue requests on the attacker's behalf, a server-side request forgery (SSRF).
Bug Blocks: 2262850
Deadline: 2024-04-02
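The jku flow described in the Doc Text, as an added Python illustration (not wildfly-elytron's own code, whose `JwtValidator` is Java): an unchecked resolver that fetches whatever URL the token's `jku` header names, beside one that performs no I/O unless the URL is on a deployer-configured allow-list. The allow-list entry, the hostnames, the token contents and the `RecordingFetcher` stand-in for the HTTP client are all constructed for the example.

```python
import base64
import json
from urllib.parse import urlsplit


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def jku_from_token(token: str):
    """Return the jku URL from a compact JWT's protected header (header is not yet verified)."""
    header = json.loads(_b64url_decode(token.split(".")[0]))
    return header.get("jku")


def resolve_key_unchecked(token: str, fetch):
    # Vulnerable shape: the attacker-controlled jku goes straight to the HTTP client.
    return fetch(jku_from_token(token))


# Hypothetical trusted JWKS endpoint, configured by the deployer, never taken from the token.
ALLOWED_JKU = {"https://sso.example.test/realms/app/protocol/openid-connect/certs"}


def is_jku_allowed(jku, allowed=ALLOWED_JKU) -> bool:
    """Exact-match allow-list plus sanity checks, evaluated before any network access."""
    if not jku:
        return False
    parts = urlsplit(jku)
    if parts.scheme != "https" or "@" in parts.netloc or parts.port not in (None, 443):
        return False  # plain https only, no userinfo, default port only
    return jku in allowed


def resolve_key_allowlisted(token: str, fetch, allowed=ALLOWED_JKU):
    # Hardened shape: refuse the token outright if its jku is not a known JWKS URL.
    jku = jku_from_token(token)
    if not is_jku_allowed(jku, allowed):
        raise ValueError(f"jku rejected: {jku!r}")
    return fetch(jku)


def make_token(jku: str) -> str:
    """Constructed, unsigned token whose header names the given jku (payload/signature are dummies)."""
    header = json.dumps({"alg": "RS256", "kid": "k1", "jku": jku}).encode()
    return base64.urlsafe_b64encode(header).rstrip(b"=").decode() + ".e30.sig"


class RecordingFetcher:
    """Stand-in for the HTTP client: records every URL it is asked to fetch."""
    def __init__(self):
        self.requested = []

    def __call__(self, url):
        self.requested.append(url)
        return {"keys": []}  # constructed empty JWKS document
```

A detection-side corollary: the allow-listed variant rejects the token before any request is made, so an outbound connection from the JWT validator to a host other than the configured JWKS endpoint is itself a signal worth alerting on.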

Description Rohit Keshri 2024-02-05 18:37:05 UTC
In `JwtValidator.resolvePublicKey`, the Validator checks jku and sends an HTTP request. During this process, no whitelisting or other filtering behavior was performed on the destination URL address. This caused an SSRF vulnerability.

Comment 11 errata-xmlrpc 2024-06-03 16:58:44 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7

Via RHSA-2024:3559 https://access.redhat.com/errata/RHSA-2024:3559

Comment 12 errata-xmlrpc 2024-06-03 16:59:42 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9

Via RHSA-2024:3561 https://access.redhat.com/errata/RHSA-2024:3561

Comment 13 errata-xmlrpc 2024-06-03 17:00:12 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8

Via RHSA-2024:3560 https://access.redhat.com/errata/RHSA-2024:3560

Comment 14 errata-xmlrpc 2024-06-03 17:10:18 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform

Via RHSA-2024:3563 https://access.redhat.com/errata/RHSA-2024:3563

Comment 15 errata-xmlrpc 2024-06-04 10:59:06 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform

Via RHSA-2024:3583 https://access.redhat.com/errata/RHSA-2024:3583

Comment 16 errata-xmlrpc 2024-06-04 11:00:37 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9

Via RHSA-2024:3581 https://access.redhat.com/errata/RHSA-2024:3581

Comment 17 errata-xmlrpc 2024-06-04 11:03:34 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8

Via RHSA-2024:3580 https://access.redhat.com/errata/RHSA-2024:3580

Comment 18 Sandipan Roy 2024-06-04 13:24:46 UTC
Upstream Advisory: https://github.com/advisories/GHSA-v4mm-q8fv-r2w5