Vulnerability Description
It was found that Keycloak would accept a HOST header URL in the admin console and use it to determine web resource locations. An attacker could use this flaw against an authenticated user to attain reflected XSS via a malicious server.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Redhat | Single Sign On | 7.0 |
| Redhat | Enterprise Linux Server | 6.0 |
| Keycloak | Keycloak | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/101618Third Party AdvisoryVDB Entry
- https://access.redhat.com/errata/RHSA-2017:2904Third Party Advisory
- https://access.redhat.com/errata/RHSA-2017:2905Third Party Advisory
- https://access.redhat.com/errata/RHSA-2017:2906Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1489161Issue Tracking
- http://www.securityfocus.com/bid/101618Third Party AdvisoryVDB Entry
- https://access.redhat.com/errata/RHSA-2017:2904Third Party Advisory
- https://access.redhat.com/errata/RHSA-2017:2905Third Party Advisory
- https://access.redhat.com/errata/RHSA-2017:2906Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1489161Issue Tracking
FAQ
What is CVE-2017-12158?
CVE-2017-12158 is a vulnerability with a CVSS score of 5.4 (MEDIUM). It was found that Keycloak would accept a HOST header URL in the admin console and use it to determine web resource locations. An attacker could use this flaw against an authenticated user to attain r...
How severe is CVE-2017-12158?
CVE-2017-12158 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-12158?
Check the references section above for vendor advisories and patch information. Affected products include: Redhat Single Sign On, Redhat Enterprise Linux Server, Keycloak Keycloak.