CVE-2024-5967
Published: Jun 18, 2024
Modified: Mar 26, 2026
CVSS v3.1
2.7
Description
A vulnerability was found in Keycloak. The LDAP testing endpoint allows changing the Connection URL independently without re-entering the currently configured LDAP bind credentials. This flaw allows an attacker with admin access (permission manage-realm) to change the LDAP host URL ("Connection URL") to a machine they control. The Keycloak server will connect to the attacker's host and try to authenticate with the configured credentials, thus leaking them to the attacker. As a consequence, an attacker who has compromised the admin console or compromised a user with sufficient privileges can leak domain credentials and attack the domain.
| Vendor | Product | Versions |
|---|---|---|
Unknown | keycloak | affected 0 - < 22.0.12affected 23.0.0 - < 24.0.6affected 25.0.0 - < 25.0.1 |
Red Hat | Red Hat Build of Keycloak | All versions |
Red Hat | Red Hat build of Keycloak 22 | unaffected 22.0.12-1 - < * |
Red Hat | Red Hat build of Keycloak 22 | unaffected 22-17 - < * |
Red Hat | Red Hat build of Keycloak 22 | unaffected 22-20 - < * |
Red Hat | Red Hat Single Sign-On 7 | All versions |
Red Hat | Red Hat Single Sign-On 7.6 for RHEL 7 | unaffected 0:18.0.16-1.redhat_00001.1.el7sso - < * |
Red Hat | Red Hat Single Sign-On 7.6 for RHEL 8 | unaffected 0:18.0.16-1.redhat_00001.1.el8sso - < * |
Red Hat | Red Hat Single Sign-On 7.6 for RHEL 9 | unaffected 0:18.0.16-1.redhat_00001.1.el9sso - < * |
Red Hat | RHEL-8 based Middleware Containers | unaffected 7.6-52 - < * |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now