Bug 1941565 (CVE-2021-3461) - CVE-2021-3461 keycloak: Backchannel logout not working when Principal Type is set to Attribute Name for external SAML IDP
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2021-3461
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 1941539 1941948
Reported: 2021-03-22 11:20 UTC by Paramvir jindal
Modified: 2022-11-29 12:51 UTC (History)

Fixed In Version: rh-sso7-keycloak 9.0.13
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in keycloak: keycloak may fail to log out a user session if the logout request comes from an external SAML identity provider and Principal Type is set to Attribute [Name].
Clone Of:
Environment:
Last Closed: 2021-05-20 14:57:17 UTC
Embargoed:



Description Paramvir jindal 2021-03-22 11:20:35 UTC
Keycloak may fail to log out a user session if the logout request comes from an external SAML identity provider that is set up to identify the principal via attributes rather than the Subject NameID.

https://issues.redhat.com/browse/KEYCLOAK-17495

Comment 1 Paramvir jindal 2021-03-22 11:29:07 UTC
The affected class is present in the keycloak-services jar, which is only present in RHSSO, and none of the other Red Hat products is affected.

https://github.com/keycloak/keycloak/blob/master/services/src/main/java/org/keycloak/broker/saml/SAMLEndpoint.java

Comment 7 Paramvir jindal 2021-03-24 11:33:41 UTC
Acknowledgments:

Name: Peter Mazán (peter.mazan) (TatraMed Software)

Comment 8 errata-xmlrpc 2021-05-20 12:42:14 UTC
This issue has been addressed in the following products:

  Red Hat Single Sign-On 7.4 for RHEL 6

Via RHSA-2021:2063 https://access.redhat.com/errata/RHSA-2021:2063

Comment 9 errata-xmlrpc 2021-05-20 12:43:13 UTC
This issue has been addressed in the following products:

  Red Hat Single Sign-On 7.4 for RHEL 8

Via RHSA-2021:2065 https://access.redhat.com/errata/RHSA-2021:2065

Comment 10 errata-xmlrpc 2021-05-20 12:43:42 UTC
This issue has been addressed in the following products:

  Red Hat Single Sign-On 7.4 for RHEL 7

Via RHSA-2021:2064 https://access.redhat.com/errata/RHSA-2021:2064

Comment 11 Product Security DevOps Team 2021-05-20 14:57:17 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2021-3461

Comment 12 errata-xmlrpc 2021-05-20 17:50:21 UTC
This issue has been addressed in the following products:

  Red Hat Single Sign-On 7.4.7

Via RHSA-2021:2070 https://access.redhat.com/errata/RHSA-2021:2070
