A flaw was found in Keycloak in OAuth 2.0 Pushed Authorization Requests (PAR). Client-provided parameters were found to be included in plain text in the KC_RESTART cookie returned by the authorization server's HTTP response to a `request_uri` authorization request, possibly leading to an information disclosure vulnerability.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

Vendors Products
Redhat
  • Build Keycloak
  • Red Hat Single Sign On
  • Rhosemc

No data.

Package CPE Advisory Released Date
Red Hat Build of Keycloak
keycloak-core cpe:/a:redhat:build_keycloak:22 RHSA-2024:3574 2024-06-03T00:00:00Z
keycloak-core cpe:/a:redhat:build_keycloak:22 RHSA-2024:3575 2024-06-03T00:00:00Z
Red Hat build of Keycloak 22
rhbk/keycloak-operator-bundle:22.0.11-2 cpe:/a:redhat:build_keycloak:22::el9 RHSA-2024:3573 2024-06-03T00:00:00Z
rhbk/keycloak-rhel9:22-15 cpe:/a:redhat:build_keycloak:22::el9 RHSA-2024:3573 2024-06-03T00:00:00Z
rhbk/keycloak-rhel9-operator:22-18 cpe:/a:redhat:build_keycloak:22::el9 RHSA-2024:3573 2024-06-03T00:00:00Z
Red Hat build of Keycloak 24
rhbk/keycloak-operator-bundle:24.0.5-2 cpe:/a:redhat:build_keycloak:24::el9 RHSA-2024:3576 2024-06-03T00:00:00Z
rhbk/keycloak-rhel9:24-10 cpe:/a:redhat:build_keycloak:24::el9 RHSA-2024:3576 2024-06-03T00:00:00Z
rhbk/keycloak-rhel9-operator:24-10 cpe:/a:redhat:build_keycloak:24::el9 RHSA-2024:3576 2024-06-03T00:00:00Z
Red Hat Single Sign-On 7
keycloak-core cpe:/a:redhat:red_hat_single_sign_on:7.6 RHSA-2024:3572 2024-06-03T00:00:00Z
Red Hat Single Sign-On 7.6 for RHEL 7
rh-sso7-keycloak-0:18.0.14-1.redhat_00001.1.el7sso cpe:/a:redhat:red_hat_single_sign_on:7.6::el7 RHSA-2024:3566 2024-06-03T00:00:00Z
Red Hat Single Sign-On 7.6 for RHEL 8
rh-sso7-keycloak-0:18.0.14-1.redhat_00001.1.el8sso cpe:/a:redhat:red_hat_single_sign_on:7.6::el8 RHSA-2024:3567 2024-06-03T00:00:00Z
Red Hat Single Sign-On 7.6 for RHEL 9
rh-sso7-keycloak-0:18.0.14-1.redhat_00001.1.el9sso cpe:/a:redhat:red_hat_single_sign_on:7.6::el9 RHSA-2024:3568 2024-06-03T00:00:00Z
RHEL-8 based Middleware Containers
rh-sso-7/sso76-openshift-rhel8:7.6-49 cpe:/a:redhat:rhosemc:1.0::el8 RHSA-2024:3570 2024-06-03T00:00:00Z
References
Link Providers
https://access.redhat.com/errata/RHSA-2024:3566 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:3567 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:3568 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:3570 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:3572 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:3573 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:3574 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:3575 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:3576 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2024-4540 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2279303 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-4540 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-4540 cve-icon
History

Wed, 13 Nov 2024 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2024-06-03T15:33:18.191Z

Updated: 2024-11-13T14:26:26.123Z

Reserved: 2024-05-06T11:02:39.841Z

Link: CVE-2024-4540

cve-icon Vulnrichment

Updated: 2024-08-01T20:40:47.507Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-06-03T16:15:08.993

Modified: 2024-06-03T23:15:08.930

Link: CVE-2024-4540

cve-icon Redhat

Severity : Low

Publid Date: 2024-06-03T00:00:00Z

Links: CVE-2024-4540 - Bugzilla