CVE-2024-5967
Description
A vulnerability was found in Keycloak. The LDAP testing endpoint allows changing the Connection URL independently without re-entering the currently configured LDAP bind credentials. This flaw allows an attacker with admin access (permission manage-realm) to change the LDAP host URL ("Connection URL") to a machine they control. The Keycloak server will connect to the attacker's host and try to authenticate with the configured credentials, thus leaking them to the attacker. As a consequence, an attacker who has compromised the admin console or compromised a user with sufficient privileges can leak domain credentials and attack the domain.
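The flaw described above comes down to one missing check: the test-connection handler resolves a masked bind credential from stored configuration without confirming that the submitted Connection URL still points at the configured LDAP server. The model below, an added example and not Keycloak's own code, places a vulnerable handler beside a hardened one. The masked placeholder value, the dataclass and function names, and the LDAP hosts are assumptions made for the example.

```python
"""Illustrative model of the CVE-2024-5967 pattern: an LDAP "test connection"
endpoint that reuses a stored bind credential for whatever connection URL the
caller supplies. Not Keycloak code; names and the placeholder are assumptions."""
from dataclasses import dataclass
from typing import Optional

# Assumed placeholder the admin UI sends in place of the real secret.
MASKED = "**********"


@dataclass(frozen=True)
class StoredLdapConfig:
    """The LDAP federation settings already saved for the realm."""
    connection_url: str
    bind_dn: str
    bind_credential: str
    start_tls: bool = False
    use_truststore_spi: str = "always"


@dataclass(frozen=True)
class TestRequest:
    """What a manage-realm admin submits to the test-connection endpoint."""
    connection_url: str
    bind_dn: str
    bind_credential: str  # the real secret, or MASKED to mean "use stored"
    start_tls: bool = False
    use_truststore_spi: str = "always"


@dataclass(frozen=True)
class BindAttempt:
    """Outcome of the handler: which host would receive which credential."""
    connection_url: str
    bind_dn: str
    bind_credential: Optional[str]


class CredentialRequired(ValueError):
    """Raised when the caller must re-enter the bind credential."""


def vulnerable_test_connection(stored: StoredLdapConfig, req: TestRequest) -> BindAttempt:
    """Vulnerable form: a masked credential is always resolved from storage,
    so the stored secret is sent in a simple bind to any URL the caller names."""
    secret = stored.bind_credential if req.bind_credential == MASKED else req.bind_credential
    return BindAttempt(req.connection_url, req.bind_dn, secret)


def hardened_test_connection(stored: StoredLdapConfig, req: TestRequest) -> BindAttempt:
    """Hardened form: the stored secret may only be reused when every parameter
    that decides where and how the bind travels matches the saved configuration.
    Any change to those parameters requires the admin to type the credential."""
    if req.bind_credential != MASKED:
        # Admin supplied the secret explicitly; nothing is taken from storage.
        return BindAttempt(req.connection_url, req.bind_dn, req.bind_credential)
    same_target = (
        req.connection_url == stored.connection_url
        and req.bind_dn == stored.bind_dn
        and req.start_tls == stored.start_tls
        and req.use_truststore_spi == stored.use_truststore_spi
    )
    if not same_target:
        raise CredentialRequired(
            "connection parameters differ from the stored configuration; "
            "re-enter the bind credential to test them"
        )
    return BindAttempt(req.connection_url, req.bind_dn, stored.bind_credential)


def compare_handlers(stored: StoredLdapConfig, req: TestRequest) -> dict:
    """Run both handlers on one request and report where the secret would go."""
    leak = vulnerable_test_connection(stored, req)
    try:
        safe = hardened_test_connection(stored, req)
        hardened_result = f"binds to {safe.connection_url}"
    except CredentialRequired as exc:
        hardened_result = f"refused: {exc}"
    return {
        "vulnerable": f"sends {leak.bind_credential!r} to {leak.connection_url}",
        "hardened": hardened_result,
    }


if __name__ == "__main__":
    # Constructed sample configuration and a request pointing at an attacker host.
    saved = StoredLdapConfig(
        connection_url="ldaps://ldap.corp.example:636",
        bind_dn="cn=svc-keycloak,ou=svc,dc=corp,dc=example",
        bind_credential="s3cret",
    )
    rogue = TestRequest("ldap://198.51.100.7:389", saved.bind_dn, MASKED)
    for name, outcome in compare_handlers(saved, rogue).items():
        print(f"{name:10s} {outcome}")
```

Two practical consequences follow from the comparison in the hardened branch. First, the check must cover more than the URL: flipping StartTLS off or changing the truststore setting also changes how the stored secret travels. Second, a caller who types the credential is never blocked, so the fix costs an admin nothing beyond re-entering a password when they genuinely move the directory.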
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Ecosystem | Affected versions | Patched version |
|---|---|---|---|
| org.keycloak:keycloak-ldap-federation | Maven | < 22.0.12 | 22.0.12 |
| org.keycloak:keycloak-ldap-federation | Maven | >= 23.0.0, < 24.0.6 | 24.0.6 |
| org.keycloak:keycloak-ldap-federation | Maven | >= 25.0.0, < 25.0.1 | 25.0.1 |
Affected products
- Range (no product coordinates given): >= 23.0.0, <= 24.0.5
- OSV coordinates, 19 versions; no CPE is assigned to any of them. Ranges are paired with the packages in the order the page lists them:

| Package (purl) | Affected range |
|---|---|
| pkg:apk/chainguard/keycloak | < 25.0.1-r0 |
| pkg:apk/chainguard/keycloak-bitnami-compat | < 25.0.1-r0 |
| pkg:apk/chainguard/keycloak-bitnami-fips | < 25.0.0-r0 |
| pkg:apk/chainguard/keycloak-compat | < 25.0.1-r0 |
| pkg:apk/chainguard/keycloak-fips | < 25.0.0-r0 |
| pkg:apk/chainguard/keycloak-fips-bitnami-compat | < 25.0.0-r0 |
| pkg:apk/chainguard/keycloak-fips-policy-140-2 | < 25.0.0-r0 |
| pkg:apk/chainguard/keycloak-fips-policy-140-3 | < 25.0.0-r0 |
| pkg:apk/chainguard/keycloak-iamguarded-compat | < 25.0.1-r0 |
| pkg:apk/chainguard/keycloak-iamguarded-fips | < 25.0.0-r0 |
| pkg:apk/chainguard/keycloak-operator | < 25.0.0-r0 |
| pkg:apk/chainguard/keycloak-operator-compat | < 25.0.0-r0 |
| pkg:apk/wolfi/keycloak | < 25.0.1-r0 |
| pkg:apk/wolfi/keycloak-bitnami-compat | < 25.0.1-r0 |
| pkg:apk/wolfi/keycloak-compat | < 25.0.1-r0 |
| pkg:apk/wolfi/keycloak-iamguarded-compat | < 25.0.1-r0 |
| pkg:apk/wolfi/keycloak-operator | < 25.0.0-r0 |
| pkg:apk/wolfi/keycloak-operator-compat | < 25.0.0-r0 |
| pkg:maven/org.keycloak/keycloak-ldap-federation | >= 25.0.0, < 25.0.1 |
References
- github.com/advisories/GHSA-c25h-c27q-5qpv (GHSA: advisory)
- nvd.nist.gov/vuln/detail/CVE-2024-5967 (GHSA: advisory)
- access.redhat.com/security/cve/CVE-2024-5967 (NVD: web)
- bugzilla.redhat.com/show_bug.cgi (NVD: web)
- github.com/keycloak/keycloak/commit/0d0530046b9cb4b0d74d2fdefc9bd04f1d20cac0 (GHSA: web)
- github.com/keycloak/keycloak/commit/1f56a9e48bf96c3bcb18dfc6cd93e3dd16f281f1 (GHSA: web)
- github.com/keycloak/keycloak/commit/bde8568d4174a7072f7c7bb507d2c7d05824b1a6 (GHSA: web)
- github.com/keycloak/keycloak/issues/30434 (GHSA: web)
- github.com/keycloak/keycloak/security/advisories/GHSA-c25h-c27q-5qpv (GHSA: web)
- access.redhat.com/errata/RHSA-2024:6493 (NVD)
- access.redhat.com/errata/RHSA-2024:6494 (NVD)
- access.redhat.com/errata/RHSA-2024:6495 (NVD)
- access.redhat.com/errata/RHSA-2024:6497 (NVD)
- access.redhat.com/errata/RHSA-2024:6499 (NVD)
- access.redhat.com/errata/RHSA-2024:6500 (NVD)
- access.redhat.com/errata/RHSA-2024:6501 (NVD)