Detections
Analytics
CVE-2017-2582
medium
Description
It was found that while parsing the SAML messages the StaxParserUtil class of keycloak before 2.5.1 replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the "InResponseTo" field in the response.
References
https://access.redhat.com/errata/RHSA-2019:0139
https://access.redhat.com/errata/RHSA-2019:0137
https://access.redhat.com/errata/RHSA-2019:0136
https://access.redhat.com/errata/RHSA-2018:2743
https://access.redhat.com/errata/RHSA-2018:2742
https://access.redhat.com/errata/RHSA-2018:2741
https://access.redhat.com/errata/RHSA-2018:2740
https://access.redhat.com/errata/RHSA-2017:3220
https://access.redhat.com/errata/RHSA-2017:3219
https://access.redhat.com/errata/RHSA-2017:3218
https://access.redhat.com/errata/RHSA-2017:3217
https://access.redhat.com/errata/RHSA-2017:3216
https://access.redhat.com/errata/RHSA-2017:2811
https://access.redhat.com/errata/RHSA-2017:2810
https://access.redhat.com/errata/RHSA-2017:2809
https://access.redhat.com/errata/RHSA-2017:2808
http://www.securitytracker.com/id/1041707
http://www.securityfocus.com/bid/101046