Lucene search

[email protected]NVD:CVE-2020-27826

HistoryMay 28, 2021 - 11:15 a.m.

CVE-2020-27826

2021-05-2811:15:07

CWE-250

[email protected]

web.nvd.nist.gov

keycloak

metadata

update

nameid

attribute

impersonation

CVSS2

4.9

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:P/A:N

CVSS3

4.2

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

EPSS

0.001

Percentile

22.7%

JSON

A flaw was found in Keycloak before version 12.0.0 where it is possible to update the user’s metadata attributes using Account REST API. This flaw allows an attacker to change its own NameID attribute to impersonate the admin user for any particular application.

Affected configurations

Nvd

Node

redhatkeycloakRange<12.0.0

Node

redhatsingle_sign-onMatch-text-only

redhatsingle_sign-onMatch7.4

redhatsingle_sign-onMatch7.4.4

VendorProductVersionCPE
redhatkeycloak*cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:*
redhatsingle_sign-on-cpe:2.3:a:redhat:single_sign-on:-:*:*:*:text-only:*:*:*
redhatsingle_sign-on7.4cpe:2.3:a:redhat:single_sign-on:7.4:*:*:*:*:*:*:*
redhatsingle_sign-on7.4.4cpe:2.3:a:redhat:single_sign-on:7.4.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
redhat	keycloak	*	cpe:2.3:a:redhat:keycloak::::::::
redhat	single_sign-on	-	cpe:2.3:a:redhat:single_sign-on:-::::text-only:::
redhat	single_sign-on	7.4	cpe:2.3:a:redhat:single_sign-on:7.4:::::::*
redhat	single_sign-on	7.4.4	cpe:2.3:a:redhat:single_sign-on:7.4.4:::::::*