CVE-2017-2582
moderate-risk
Published 2018-07-26
While parsing SAML messages, the StaxParserUtil class of Keycloak before 2.5.1 applied system-property substitution to attribute values: a placeholder string inside an attribute was replaced with the value of the named JVM system property. An attacker can therefore learn the value of a chosen system property on the target by setting the ID of a SAML request to the placeholder for that property; the IdP expands it while parsing and echoes the expanded value back in the "InResponseTo" attribute of its response.
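The mechanism above, as an added example that is not Keycloak's code or part of the original advisory: a vulnerable attribute reader that performs property expansion beside its hardened form, an IdP model that echoes the request ID into InResponseTo, and the probe a tester would run to tell the two apart. The `${name}` placeholder syntax, the FAKE_SYSTEM_PROPERTIES table (standing in for the real JVM system properties) and the example.test hostnames are assumptions made for the demonstration, not details from the page.

```python
"""Model of the CVE-2017-2582 pattern: property expansion on SAML attribute
values, observed through InResponseTo. Constructed example, not Keycloak code.
Assumed: the ${name} placeholder syntax and the FAKE_SYSTEM_PROPERTIES table."""
import re
import uuid
import xml.etree.ElementTree as ET

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
STATUS_SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"
ET.register_namespace("samlp", SAMLP)
ET.register_namespace("saml", SAML)

# Constructed stand-in for the JVM system properties an attacker would target.
FAKE_SYSTEM_PROPERTIES = {
    "java.version": "1.8.0_151",
    "user.dir": "/opt/keycloak",
    "user.name": "keycloak",
}

PLACEHOLDER = re.compile(r"\$\{([^}]+)\}")  # assumed placeholder syntax


def expand_properties(value: str, props: dict) -> str:
    """Replace every ${name} with props[name]; unknown names are left as-is."""
    return PLACEHOLDER.sub(lambda m: props.get(m.group(1), m.group(0)), value)


def get_attribute_value_vulnerable(elem: ET.Element, name: str) -> str:
    """Pre-2.5.1 pattern: attribute values pass through property expansion."""
    return expand_properties(elem.get(name, "").strip(), FAKE_SYSTEM_PROPERTIES)


def get_attribute_value_hardened(elem: ET.Element, name: str) -> str:
    """Fixed pattern: the attribute value is returned verbatim, never expanded."""
    return elem.get(name, "").strip()


def build_authn_request(request_id: str,
                        issuer: str = "https://sp.example.test/metadata") -> str:
    """Build a minimal SAML 2.0 AuthnRequest whose ID the attacker controls."""
    root = ET.Element(f"{{{SAMLP}}}AuthnRequest", {
        "ID": request_id,
        "Version": "2.0",
        "IssueInstant": "2017-01-01T00:00:00Z",
        "AssertionConsumerServiceURL": "https://sp.example.test/saml/acs",
    })
    ET.SubElement(root, f"{{{SAML}}}Issuer").text = issuer
    return ET.tostring(root, encoding="unicode")


def simulate_idp(authn_request_xml: str, get_attr) -> str:
    """Model the IdP: read the request ID with the given attribute reader and
    echo it into InResponseTo of the Response, as the SAML protocol requires."""
    req = ET.fromstring(authn_request_xml)
    in_response_to = get_attr(req, "ID")
    resp = ET.Element(f"{{{SAMLP}}}Response", {
        "ID": "_" + uuid.uuid4().hex,
        "Version": "2.0",
        "IssueInstant": "2017-01-01T00:00:01Z",
        "InResponseTo": in_response_to,
    })
    ET.SubElement(resp, f"{{{SAML}}}Issuer").text = "https://idp.example.test/"
    status = ET.SubElement(resp, f"{{{SAMLP}}}Status")
    ET.SubElement(status, f"{{{SAMLP}}}StatusCode", {"Value": STATUS_SUCCESS})
    return ET.tostring(resp, encoding="unicode")


def probe_property_leak(sent_id: str, response_xml: str):
    """Tester's check: if InResponseTo differs from the ID that was sent, the
    IdP expanded the placeholder; the echoed value is the leaked property.
    Returns the leaked value, or None when the IdP echoed the ID unchanged."""
    resp = ET.fromstring(response_xml)
    echoed = resp.get("InResponseTo", "")
    return None if echoed == sent_id else echoed


if __name__ == "__main__":
    probe_id = "${java.version}"
    request = build_authn_request(probe_id)
    for label, reader in (("vulnerable", get_attribute_value_vulnerable),
                          ("hardened", get_attribute_value_hardened)):
        leaked = probe_property_leak(probe_id, simulate_idp(request, reader))
        print(f"{label}: leaked={leaked!r}")
```

The probe works against a real deployment the same way: send a request whose ID is the placeholder, then compare the InResponseTo you get back with what you sent. Any difference means the parser rewrote the attribute, which is the behaviour the fix in 2.5.1 removes.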
Do I need to act?
EPSS: 0.63% chance of exploitation (low exploit probability)
CISA KEV: not listed; no confirmed active exploitation reported to CISA
Patch status: unknown on this tracker; the description bounds the issue to Keycloak before 2.5.1, and the Red Hat errata listed below are the vendor advisories to check for fix availability and mitigation guidance
CVSS: 6.5/10 (Medium); attack vector NETWORK, attack complexity LOW
Affected Products (5)
Affected Vendors
References (40)
Third Party Advisory: http://www.securityfocus.com/bid/101046
Third Party Advisory: http://www.securitytracker.com/id/1041707
Vendor Advisory: https://access.redhat.com/errata/RHSA-2017:2808
Vendor Advisory: https://access.redhat.com/errata/RHSA-2017:2809
Vendor Advisory: https://access.redhat.com/errata/RHSA-2017:2810
Vendor Advisory: https://access.redhat.com/errata/RHSA-2017:2811
Vendor Advisory: https://access.redhat.com/errata/RHSA-2017:3216
Vendor Advisory: https://access.redhat.com/errata/RHSA-2017:3217
Vendor Advisory: https://access.redhat.com/errata/RHSA-2017:3218
Vendor Advisory: https://access.redhat.com/errata/RHSA-2017:3219
Vendor Advisory: https://access.redhat.com/errata/RHSA-2017:3220
Vendor Advisory: https://access.redhat.com/errata/RHSA-2018:2740
Vendor Advisory: https://access.redhat.com/errata/RHSA-2018:2741
Vendor Advisory: https://access.redhat.com/errata/RHSA-2018:2742
Vendor Advisory: https://access.redhat.com/errata/RHSA-2018:2743
Issue Tracking: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2582
and 20 more references
Risk score: 38 / 100 (moderate-risk)
Severity: 24/34 · High
Exploitability: 2/34 · Minimal
Exposure: 12/34 · Low