{"containers": {"cna": {"affected": [{"product": "Keycloak", "vendor": "n/a", "versions": [{"status": "affected", "version": "Keycloak before 11.0.1"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Keycloak before 11.0.1 where DoS attack is possible by sending twenty requests simultaneously to the specified keycloak server, all with a Content-Length header value that exceeds the actual byte count of the request body."}], "problemTypes": [{"descriptions": [{"description": "Denial of service", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-01-11T15:11:48", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843849"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/keycloak/keycloak/commit/bee4ca89897766c4b68856eafe14f1a3dad34251"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2020-10758", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Keycloak", "version": {"version_data": [{"version_value": "Keycloak before 11.0.1"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability was found in Keycloak before 11.0.1 where DoS attack is possible by sending twenty requests simultaneously to the specified keycloak server, all with a Content-Length header value that exceeds the actual byte count of the request body."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Denial of service"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1843849", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843849"}, {"name": "https://github.com/keycloak/keycloak/commit/bee4ca89897766c4b68856eafe14f1a3dad34251", "refsource": "MISC", "url": "https://github.com/keycloak/keycloak/commit/bee4ca89897766c4b68856eafe14f1a3dad34251"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T11:14:15.436Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843849"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/keycloak/keycloak/commit/bee4ca89897766c4b68856eafe14f1a3dad34251"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-10758", "datePublished": "2020-09-16T15:05:58", "dateReserved": "2020-03-20T00:00:00", "dateUpdated": "2024-08-04T11:14:15.436Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:*", "matchCriteriaId": "523EF2BD-1C36-4166-B099-D1593691BDAA", "versionEndExcluding": "11.0.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_application_runtimes:-:*:*:*:text-only:*:*:*", "matchCriteriaId": "ADB40F59-CAAE-47D6-850C-12619D8D5B34", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_application_runtimes:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "183C1FAB-3101-4155-BAA4-819EE997E436", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:single_sign-on:-:*:*:*:text-only:*:*:*", "matchCriteriaId": "341E6313-20D5-44CB-9719-B20585DC5AD6", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:single_sign-on:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "F62A7110-16D5-4633-A521-9CECD267773B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Keycloak before 11.0.1 where DoS attack is possible by sending twenty requests simultaneously to the specified keycloak server, all with a Content-Length header value that exceeds the actual byte count of the request body."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad en Keycloak versiones anteriores a 11.0.1, donde el ataque de DoS es posible mediante el env\u00edo de veinte peticiones simult\u00e1neamente hacia el servidor de keycloak especificado, todas con un valor de encabezado Content-Length que excede el conteo de bytes real del cuerpo de la petici\u00f3n"}], "id": "CVE-2020-10758", "lastModified": "2021-02-03T14:04:29.073", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-09-16T16:15:14.797", "references": [{"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Mitigation", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843849"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/keycloak/keycloak/commit/bee4ca89897766c4b68856eafe14f1a3dad34251"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-770"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Matt Hamilton (Soluble.ai) for reporting this issue.", "affected_release": [{"advisory": "RHSA-2020:3501", "cpe": "cpe:/a:redhat:jboss_single_sign_on:7.4", "package": "keycloak", "product_name": "Red Hat Single Sign-On 7.4.2", "release_date": "2020-08-18T00:00:00Z"}, {"advisory": "RHSA-2020:3495", "cpe": "cpe:/a:redhat:red_hat_single_sign_on:7::el6", "package": "rh-sso7-keycloak-0:9.0.5-1.redhat_00001.1.el6sso", "product_name": "Red Hat Single Sign-On 7.4 for RHEL 6", "release_date": "2020-08-18T00:00:00Z"}, {"advisory": "RHSA-2020:3496", "cpe": "cpe:/a:redhat:red_hat_single_sign_on:7::el7", "package": "rh-sso7-keycloak-0:9.0.5-1.redhat_00001.1.el7sso", "product_name": "Red Hat Single Sign-On 7.4 for RHEL 7", "release_date": "2020-08-18T00:00:00Z"}, {"advisory": "RHSA-2020:3497", "cpe": "cpe:/a:redhat:red_hat_single_sign_on:7::el8", "package": "rh-sso7-keycloak-0:9.0.5-1.redhat_00001.1.el8sso", "product_name": "Red Hat Single Sign-On 7.4 for RHEL 8", "release_date": "2020-08-18T00:00:00Z"}, {"advisory": "RHSA-2020:3539", "cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0", "product_name": "Text-Only RHOAR", "release_date": "2020-09-02T00:00:00Z"}], "bugzilla": {"description": "keycloak: DoS by sending multiple simultaneous requests with a Content-Length header value greater than actual byte count of request body", "id": "1843849", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843849"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-400", "details": ["A vulnerability was found in Keycloak before 11.0.1 where DoS attack is possible by sending twenty requests simultaneously to the specified keycloak server, all with a Content-Length header value that exceeds the actual byte count of the request body.", "A flaw was found in Keycloak. This flaw allows an attacker to perform a denial of service attack by sending multiple simultaneous requests with a Content-Length header value greater than the actual byte count of the request body. The highest threat from this vulnerability is to system availability."], "mitigation": {"lang": "en:us", "value": "- The possibility of this issue largely depends on the environment, specifically the load balancer or reverse proxies between the client and the server. The issue occurs when there is no load balancer in place.\n- Proper tuning of HTTP request timeout and keycloak database max pool size can mitigate this issue :\nbin/jboss-cli.sh --connect --commands='/subsystem=transactions:write-attribute(name=default-timeout,value=30),/subsystem=undertow/server=default-server/http-listener=default/:write-attribute(name=read-timeout,value=30000),/subsystem=undertow/server=default-server/https-listener=https/:write-attribute(name=read-timeout,value=30000),/subsystem=datasources/data-source=KeycloakDS/:write-attribute(name=max-pool-size,value=100),reload'"}, "name": "CVE-2020-10758", "package_state": [{"cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:7", "fix_state": "Not affected", "impact": "low", "package_name": "keycloak", "product_name": "Red Hat Decision Manager 7"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Not affected", "impact": "low", "package_name": "keycloak", "product_name": "Red Hat JBoss Fuse 7"}, {"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0", "fix_state": "Affected", "impact": "low", "package_name": "keycloak", "product_name": "Red Hat OpenShift Application Runtimes"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7", "fix_state": "Not affected", "impact": "low", "package_name": "keycloak", "product_name": "Red Hat Process Automation 7"}, {"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0", "fix_state": "Not affected", "impact": "low", "package_name": "keycloak", "product_name": "Red Hat support for Spring Boot"}], "public_date": "2020-08-18T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-10758\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-10758"], "threat_severity": "Important", "upstream_fix": "keycloak 11.0.1"}