Bug 2279303 (CVE-2024-4540) - CVE-2024-4540 keycloak: exposure of sensitive information in Pushed Authorization Requests (PAR) KC_RESTART cookie
Summary: CVE-2024-4540 keycloak: exposure of sensitive information in Pushed Authorization Requests (PAR) KC_RESTART cookie
Keywords:
Status: NEW
Alias: CVE-2024-4540
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: low
Severity: low
Target Milestone: ---
Assignee: Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 2279307
Reported: 2024-05-06 13:02 UTC by Mauro Matteo Cascella
Modified: 2024-06-13 18:13 UTC (History)
CC List: 14 users

Fixed In Version:
Doc Type: ---
Doc Text:
A flaw was found in Keycloak in OAuth 2.0 Pushed Authorization Requests (PAR). Client-provided parameters were found to be included in plain text in the KC_RESTART cookie returned by the authorization server's HTTP response to a `request_uri` authorization request, possibly leading to an information disclosure vulnerability.
Clone Of:
Environment:
Last Closed:
Embargoed:




Links
System                  ID              Private  Priority  Status  Summary  Last Updated
Red Hat Product Errata  RHSA-2024:3566  0        None      None    None     2024-06-03 19:46:46 UTC
Red Hat Product Errata  RHSA-2024:3567  0        None      None    None     2024-06-03 19:46:50 UTC
Red Hat Product Errata  RHSA-2024:3568  0        None      None    None     2024-06-03 19:46:39 UTC
Red Hat Product Errata  RHSA-2024:3570  0        None      None    None     2024-06-03 19:50:29 UTC
Red Hat Product Errata  RHSA-2024:3572  0        None      None    None     2024-06-03 20:00:41 UTC
Red Hat Product Errata  RHSA-2024:3573  0        None      None    None     2024-06-03 21:15:07 UTC
Red Hat Product Errata  RHSA-2024:3574  0        None      None    None     2024-06-03 21:10:49 UTC
Red Hat Product Errata  RHSA-2024:3575  0        None      None    None     2024-06-03 21:26:19 UTC
Red Hat Product Errata  RHSA-2024:3576  0        None      None    None     2024-06-03 21:30:22 UTC

Description Mauro Matteo Cascella 2024-05-06 13:02:38 UTC
A flaw was found in Keycloak in the OAuth 2.0 Pushed Authorization Requests (PAR). Client-provided parameters were found to be included in plain text in the KC_RESTART cookie returned by the authorization server's HTTP response to a `request_uri` authorization request. This could lead to an information disclosure vulnerability.
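The following is an added defender-side check written for this entry; it is not Keycloak's or Red Hat's code and does not appear in the bug report. It takes the Set-Cookie headers of an authorization response together with the parameter values the client submitted to the PAR endpoint, and reports which of those values can be read back out of the KC_RESTART cookie, either literally or after base64url-decoding any dot-separated segment. It assumes only that the cookie value is built from dot-separated base64url segments (as a JWT-style token would be); the parameter set, cookie values and headers below are constructed sample data, not captured from a real deployment. A non-empty finding after a fix has been applied is a sign that the deployment is still on an affected build.

```python
# Added illustration for CVE-2024-4540 (not Keycloak code): does the KC_RESTART
# cookie expose the parameters the client sent in its Pushed Authorization Request?
# Assumption: the cookie value is dot-separated base64url segments; every segment
# that decodes is searched as text, and the raw cookie value is searched as well.
import base64
import json
from typing import Dict, List

COOKIE_NAME = "KC_RESTART"
MIN_VALUE_LEN = 8  # very short values would match by accident; ignore them


def _b64url_decode(segment: str) -> bytes:
    """Decode one base64url segment, tolerating missing padding; b'' if not decodable."""
    try:
        return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))
    except ValueError:  # binascii.Error is a ValueError subclass
        return b""


def cookie_values(set_cookie_headers: List[str], name: str) -> List[str]:
    """Values of every cookie called `name` across the given Set-Cookie header values."""
    values = []
    for header in set_cookie_headers:
        pair = header.split(";", 1)[0]  # drop attributes such as Path, HttpOnly, Secure
        if "=" in pair:
            key, value = pair.split("=", 1)
            if key.strip() == name:
                values.append(value.strip())
    return values


def find_plaintext_params(cookie_value: str, params: Dict[str, str]) -> Dict[str, str]:
    """Map each PAR parameter whose value is readable in the cookie to where it was seen:
    'raw' (literally in the cookie value) or 'segment N' (after base64url decoding)."""
    views = [("raw", cookie_value)]
    for i, seg in enumerate(cookie_value.split(".")):
        decoded = _b64url_decode(seg)
        if decoded:
            views.append((f"segment {i}", decoded.decode("utf-8", errors="replace")))
    found = {}
    for pname, pvalue in params.items():
        if len(pvalue) < MIN_VALUE_LEN:
            continue
        for label, text in views:
            if pvalue in text:
                found[pname] = label
                break
    return found


def audit_response(set_cookie_headers: List[str], params: Dict[str, str]) -> List[Dict[str, str]]:
    """One findings dict per KC_RESTART cookie in the response; all empty means nothing leaked."""
    return [find_plaintext_params(v, params) for v in cookie_values(set_cookie_headers, COOKIE_NAME)]


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


# --- constructed sample data (not captured from a real Keycloak) ---
PAR_PARAMS = {  # what the client submitted to the PAR endpoint
    "redirect_uri": "https://app.example/cb",
    "state": "st_8f3b-2a1c-9d4e",
    "login_hint": "alice@example.com",
}

# A leaking-style cookie: token whose second segment carries the parameters as JSON.
LEAKING_COOKIE = _b64url(b'{"alg":"none"}') + "." + _b64url(json.dumps(PAR_PARAMS).encode())
# A fixed-style cookie: opaque bytes from which nothing recognisable decodes.
OPAQUE_COOKIE = _b64url(bytes(range(256)))

LEAKING_RESPONSE_HEADERS = [
    f"{COOKIE_NAME}={LEAKING_COOKIE}; Path=/realms/example; HttpOnly; Secure",
    "AUTH_SESSION_ID=abc123; Path=/realms/example; HttpOnly",
]
FIXED_RESPONSE_HEADERS = [
    f"{COOKIE_NAME}={OPAQUE_COOKIE}; Path=/realms/example; HttpOnly; Secure",
]

if __name__ == "__main__":
    for label, headers in (("leaking", LEAKING_RESPONSE_HEADERS), ("fixed", FIXED_RESPONSE_HEADERS)):
        print(label, audit_response(headers, PAR_PARAMS))
```

To use it against a real response, pass every Set-Cookie header value from the reply to the `request_uri` authorization request plus the parameters you sent to the PAR endpoint; the check is deliberately content-agnostic, so it also flags the case where a value is visible without any decoding at all.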

Comment 4 errata-xmlrpc 2024-06-03 19:46:37 UTC
This issue has been addressed in the following products:

  Red Hat Single Sign-On 7.6 for RHEL 7

Via RHSA-2024:3566 https://access.redhat.com/errata/RHSA-2024:3566

Comment 5 errata-xmlrpc 2024-06-03 19:46:38 UTC
This issue has been addressed in the following products:

  Red Hat Single Sign-On 7.6 for RHEL 9

Via RHSA-2024:3568 https://access.redhat.com/errata/RHSA-2024:3568

Comment 6 errata-xmlrpc 2024-06-03 19:46:48 UTC
This issue has been addressed in the following products:

  Red Hat Single Sign-On 7.6 for RHEL 8

Via RHSA-2024:3567 https://access.redhat.com/errata/RHSA-2024:3567

Comment 7 errata-xmlrpc 2024-06-03 19:50:28 UTC
This issue has been addressed in the following products:

  RHEL-8 based Middleware Containers

Via RHSA-2024:3570 https://access.redhat.com/errata/RHSA-2024:3570

Comment 8 errata-xmlrpc 2024-06-03 20:00:40 UTC
This issue has been addressed in the following products:

  Red Hat Single Sign-On

Via RHSA-2024:3572 https://access.redhat.com/errata/RHSA-2024:3572

Comment 9 errata-xmlrpc 2024-06-03 21:10:48 UTC
This issue has been addressed in the following products:

  Red Hat build of Keycloak 22

Via RHSA-2024:3574 https://access.redhat.com/errata/RHSA-2024:3574

Comment 10 errata-xmlrpc 2024-06-03 21:15:06 UTC
This issue has been addressed in the following products:

  Red Hat build of Keycloak 22

Via RHSA-2024:3573 https://access.redhat.com/errata/RHSA-2024:3573

Comment 11 errata-xmlrpc 2024-06-03 21:26:18 UTC
This issue has been addressed in the following products:

  Red Hat build of Keycloak 22

Via RHSA-2024:3575 https://access.redhat.com/errata/RHSA-2024:3575

Comment 12 errata-xmlrpc 2024-06-03 21:30:20 UTC
This issue has been addressed in the following products:

  Red Hat build of Keycloak 24

Via RHSA-2024:3576 https://access.redhat.com/errata/RHSA-2024:3576

