CVE-2022-1466

Due to improper authorization, Red Hat Single Sign-On is vulnerable to users performing actions that they should not be allowed to perform. It was possible to add users to the master realm even though no respective permission was granted.

CVSS v3 6.5 MEDIUM
CVSS v2.0 4.0 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

4.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:N/I:P/A:N

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://bugzilla.redhat.com/show_bug.cgi?id=2050228	Issue Tracking Vendor Advisory
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-076.txt	Exploit Third Party Advisory
https://www.syss.de/pentest-blog/fehlerhafte-autorisierung-bei-red-hat-single-sign-on-750ga-syss-2021-076	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:redhat:keycloak::::::::
	cpe:2.3:a:redhat:single_sign-on:7.5.0:::::::*

History

No history.

Information

Published : 2022-04-26 19:15

Updated : 2024-02-28 19:09

NVD link : CVE-2022-1466

Mitre link : CVE-2022-1466

CVE.ORG link : CVE-2022-1466

JSON object : View

Products Affected

redhat

single_sign-on
keycloak

CWE

CWE-863

Incorrect Authorization

{"id": "CVE-2022-1466", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2022-04-26T19:15:49.660", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2050228", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-076.txt", "tags": ["Exploit", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.syss.de/pentest-blog/fehlerhafte-autorisierung-bei-red-hat-single-sign-on-750ga-syss-2021-076", "tags": ["Exploit", "Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-863"}]}, {"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-863"}]}], "descriptions": [{"lang": "en", "value": "Due to improper authorization, Red Hat Single Sign-On is vulnerable to users performing actions that they should not be allowed to perform. It was possible to add users to the master realm even though no respective permission was granted."}, {"lang": "es", "value": "Debido a una autorizaci\u00f3n inapropiada, Red Hat Single Sign-On es vulnerable a que usuarios lleven a cabo acciones que no deber\u00edan estar autorizados a realizar. Era posible a\u00f1adir usuarios al reino maestro aunque no sea concedido el permiso correspondiente"}], "lastModified": "2022-05-06T14:05:58.437", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F41C7F06-3969-4330-A122-82392E25471F", "versionEndExcluding": "17.0.1"}, {"criteria": "cpe:2.3:a:redhat:single_sign-on:7.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A69E9AB7-AC48-4448-BE34-68AC0AA0CD46"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}