CVE Vulnerability

CVE-2021-3827

A flaw was found in keycloak, where the default ECP binding flow allows other authentication flows to be bypassed. By exploiting this behavior, an attacker can bypass the MFA authentication by sending a SOAP request with an AuthnRequest and Authorization header with the user's credentials. The highest threat from this vulnerability is to confidentiality and integrity.

6.8 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.6 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://github.com/keycloak/keycloak/commit/44000caaf5051d7f218d1ad79573bd3d175cad0d Patch Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2007512 Issue Tracking Vendor Advisory
https://access.redhat.com/security/cve/CVE-2021-3827 Vendor Advisory
https://github.com/keycloak/keycloak/security/advisories/GHSA-4pc7-vqv5-5r3v Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:*
Information

Published : 2022-08-23 04:15

Updated : 2022-11-30 06:46

NVD link : CVE-2021-3827

Mitre link : CVE-2021-3827

Products Affected

Redhat

Single Sign-on

CWE
CWE-287