CVE-2017-2582 — MEDIUM (6.5)

Q: How severe is CVE-2017-2582?

CVE-2017-2582 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2017-2582?

Check the references section above for vendor advisories and patch information. Affected products include: Redhat Keycloak, Redhat Jboss Enterprise Application Platform, Redhat Enterprise Linux.

Vulnerability Description

It was found that while parsing the SAML messages the StaxParserUtil class of keycloak before 2.5.1 replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the "InResponseTo" field in the response.

CVSS Score

6.5

MEDIUM

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Redhat	Keycloak	< 2.5.1
Redhat	Jboss Enterprise Application Platform	6.0.0
Redhat	Enterprise Linux	5.0

Related Weaknesses (CWE)

CWE-201 CWE-200

References

http://www.securityfocus.com/bid/101046Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1041707Third Party AdvisoryVDB Entry
https://access.redhat.com/errata/RHSA-2017:2808Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:2809Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:2810Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:2811Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:3216Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:3217Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:3218Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:3219Vendor Advisory
https://access.redhat.com/errata/RHSA-2017:3220Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:2740Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:2741Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:2742Vendor Advisory
https://access.redhat.com/errata/RHSA-2018:2743Vendor Advisory

FAQ

What is CVE-2017-2582?

CVE-2017-2582 is a vulnerability with a CVSS score of 6.5 (MEDIUM). It was found that while parsing the SAML messages the StaxParserUtil class of keycloak before 2.5.1 replaces special strings for obtaining attribute values with system property. This could allow an at...

How severe is CVE-2017-2582?

CVE-2017-2582 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-2582?

Check the references section above for vendor advisories and patch information. Affected products include: Redhat Keycloak, Redhat Jboss Enterprise Application Platform, Redhat Enterprise Linux.