Description

A vulnerability was found in Keycloak. The LDAP testing endpoint allows changing the Connection URL  independently without re-entering the currently configured LDAP bind credentials. This flaw allows an attacker with admin access (permission manage-realm) to change the LDAP host URL ("Connection URL") to a machine they control. The Keycloak server will connect to the attacker's host and try to authenticate with the configured credentials, thus leaking them to the attacker. As a consequence, an attacker who has compromised the admin console or compromised a user with sufficient privileges can leak domain credentials and attack the domain.

INFO

Published Date :

2024-06-18T12:05:39.289Z

Last Modified :

2026-03-26T23:13:52.275Z

Source :

redhat
AFFECTED PRODUCTS

The following products are affected by CVE-2024-5967 vulnerability.

Vendors Products
Redhat
  • Build Keycloak
  • Red Hat Single Sign On
  • Rhosemc
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-5967.

URL Resource
https://access.redhat.com/errata/RHSA-2024:6493 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:6494 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:6495 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:6497 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:6499 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:6500 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:6501 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2024-5967 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2292200 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-5967 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-5967 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact