Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2024-5967
PUBLISHED
More InfoOfficial Page
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
View Known Exploited Vulnerability (KEV) details
Published At-18 Jun, 2024 | 12:05
Updated At-07 Aug, 2025 | 11:23
Rejected At-
▼CVE Numbering Authority (CNA)
Keycloak: leak of configured ldap bind credentials through the keycloak admin console

A vulnerability was found in Keycloak. The LDAP testing endpoint allows changing the Connection URL  independently without re-entering the currently configured LDAP bind credentials. This flaw allows an attacker with admin access (permission manage-realm) to change the LDAP host URL ("Connection URL") to a machine they control. The Keycloak server will connect to the attacker's host and try to authenticate with the configured credentials, thus leaking them to the attacker. As a consequence, an attacker who has compromised the admin console or compromised a user with sufficient privileges can leak domain credentials and attack the domain.

Affected Products
Collection URL
https://github.com/keycloak/keycloak
Package Name
keycloak
Default Status
unaffected
Versions
Affected
  • From 0 before 22.0.12 (semver)
  • From 23.0.0 before 24.0.6 (semver)
  • From 25.0.0 before 25.0.1 (semver)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Build of Keycloak
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
keycloak-core
CPEs
  • cpe:/a:redhat:build_keycloak:22
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat build of Keycloak 22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhbk/keycloak-operator-bundle
CPEs
  • cpe:/a:redhat:build_keycloak:22::el9
Default Status
affected
Versions
Unaffected
  • From 22.0.12-1 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat build of Keycloak 22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhbk/keycloak-rhel9
CPEs
  • cpe:/a:redhat:build_keycloak:22::el9
Default Status
affected
Versions
Unaffected
  • From 22-17 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat build of Keycloak 22
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rhbk/keycloak-rhel9-operator
CPEs
  • cpe:/a:redhat:build_keycloak:22::el9
Default Status
affected
Versions
Unaffected
  • From 22-20 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Single Sign-On 7
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rh-sso7-keycloak
CPEs
  • cpe:/a:redhat:red_hat_single_sign_on:7.6
Default Status
unaffected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Single Sign-On 7.6 for RHEL 7
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rh-sso7-keycloak
CPEs
  • cpe:/a:redhat:red_hat_single_sign_on:7.6::el7
Default Status
affected
Versions
Unaffected
  • From 0:18.0.16-1.redhat_00001.1.el7sso before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Single Sign-On 7.6 for RHEL 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rh-sso7-keycloak
CPEs
  • cpe:/a:redhat:red_hat_single_sign_on:7.6::el8
Default Status
affected
Versions
Unaffected
  • From 0:18.0.16-1.redhat_00001.1.el8sso before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Single Sign-On 7.6 for RHEL 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
rh-sso7-keycloak
CPEs
  • cpe:/a:redhat:red_hat_single_sign_on:7.6::el9
Default Status
affected
Versions
Unaffected
  • From 0:18.0.16-1.redhat_00001.1.el9sso before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
RHEL-8 based Middleware Containers
Collection URL
https://catalog.redhat.com/software/containers/
Package Name
rh-sso-7/sso76-openshift-rhel8
CPEs
  • cpe:/a:redhat:rhosemc:1.0::el8
Default Status
affected
Versions
Unaffected
  • From 7.6-52 before * (rpm)
Problem Types
TypeCWE IDDescription
CWECWE-276Incorrect Default Permissions
Metrics
VersionBase scoreBase severityVector
3.12.7LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Metrics Other Info
Red Hat severity rating
value:
Low
namespace:
https://access.redhat.com/security/updates/classification/
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Exploits
Credits
Upstream acknowledges Simon Wessling as the original reporter.
Timeline
EventDate
Reported to Red Hat.2024-06-13 00:00:00
Made public.2024-06-13 00:00:00
Replaced By
Rejected Reason
References
HyperlinkResource
https://access.redhat.com/errata/RHSA-2024:6493
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6494
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6495
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6497
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6499
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6500
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6501
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-5967
vdb-entry
x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2292200
issue-tracking
x_refsource_REDHAT
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://access.redhat.com/security/cve/CVE-2024-5967
vdb-entry
x_refsource_REDHAT
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=2292200
issue-tracking
x_refsource_REDHAT
x_transferred
Details not found