CVE-2021-3856

ClassLoaderTheme and ClasspathThemeResourceProviderFactory allows reading any file available as a resource to the classloader. By sending requests for theme resources with a relative path from an external HTTP client, the client will receive the content of random files if available.

CVSS v3 4.3 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/security/cve/CVE-2021-3856	Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2010164	Issue Tracking Vendor Advisory
https://github.com/keycloak/keycloak/commit/73f0474008e1bebd0733e62a22aceda9e5de6743	Patch Third Party Advisory
https://github.com/keycloak/keycloak/pull/8588	Patch Third Party Advisory
https://issues.redhat.com/browse/KEYCLOAK-19422	Permissions Required Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:*

History

10 Jul 2023, 19:27

Type	Values Removed	Values Added
CWE	~~CWE-552~~	CWE-22

Information

Published : 2022-08-26 16:15

Updated : 2024-02-28 19:29

NVD link : CVE-2021-3856

Mitre link : CVE-2021-3856

CVE.ORG link : CVE-2021-3856

JSON object : View

Products Affected

redhat

keycloak

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-552

Files or Directories Accessible to External Parties

{"id": "CVE-2021-3856", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2022-08-26T16:15:09.570", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2021-3856", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2010164", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/keycloak/keycloak/commit/73f0474008e1bebd0733e62a22aceda9e5de6743", "tags": ["Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://github.com/keycloak/keycloak/pull/8588", "tags": ["Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://issues.redhat.com/browse/KEYCLOAK-19422", "tags": ["Permissions Required", "Vendor Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}, {"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-552"}]}], "descriptions": [{"lang": "en", "value": "ClassLoaderTheme and ClasspathThemeResourceProviderFactory allows reading any file available as a resource to the classloader. By sending requests for theme resources with a relative path from an external HTTP client, the client will receive the content of random files if available."}, {"lang": "es", "value": "ClassLoaderTheme y ClasspathThemeResourceProviderFactory permiten leer cualquier archivo disponible como recurso para el cargador de clases. Al enviar peticiones de recursos de temas con una ruta relativa desde un cliente HTTP externo, el cliente recibir\u00e1 el contenido de archivos aleatorios si est\u00e1n disponibles."}], "lastModified": "2023-07-10T19:27:42.563", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08FEF5EB-2BDF-45E6-988A-D9B04FC9281D", "versionEndExcluding": "15.1.0"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}