216.73.216.170

CVE-2024-5967

· Published 18/06/2024 12:15 · Modified 18/06/2024 12:15

Labels: CVE-2024-5967 2024-06-18CVE-2024-5967CWE-276[email protected]

Essential information

Published
18/06/2024 12:15
Modified
18/06/2024 12:15
Author
Creator
CVSS
2.7 LOW (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

CVSS metrics

Description

A vulnerability was found in Keycloak. The LDAP testing endpoint allows changing the Connection URL  independently without re-entering the currently configured LDAP bind credentials. This flaw allows an attacker with admin access (permission manage-realm) to change the LDAP host URL ("Connection URL") to a machine they control. The Keycloak server will connect to the attacker's host and try to authenticate with the configured credentials, thus leaking them to the attacker. As a consequence, an attacker who has compromised the admin console or compromised a user with sufficient privileges can leak domain credentials and attack the domain.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References