CVE-2020-10770
Vulnerability Scoring
Attack Complexity Details
- Attack Complexity: Low Impact
- Attack Vector: NETWORK
- Privileges Required: None
- Scope: UNCHANGED
- User Interaction: NONE
CIA Impact Definition
- Confidentiality:
- Integrity: Low Impact
- Availability:
CVE-2020-10770 Vulnerability Summary
A flaw was found in Keycloak before 13.0.0, where it is possible to force the server to call out an unverified URL using the OIDC parameter request_uri. This flaw allows an attacker to use this parameter to execute a Server-side request forgery (SSRF) attack.
Access Complexity Graph for CVE-2020-10770
Impact Analysis for CVE-2020-10770
CVE-2020-10770: Detailed Information and External References
EPSS
0.25247
EPSS %
0.96747
References
0.25247
- http://packetstormsecurity.com/files/164499/Keycloak-12.0.1-Server-Side-Request-Forgery.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1846270
CWE
CWE-918
CAPEC
0.25247
- Server Side Request Forgery: An adversary exploits improper input validation by submitting maliciously crafted input to a target application running on a server, with the goal of forcing the server to make a request either to itself, to web services running in the server’s internal network, or to external third parties. If successful, the adversary’s request will be made with the server’s privilege level, bypassing its authentication controls. This ultimately allows the adversary to access sensitive data, execute commands on the server’s network, and make external requests with the stolen identity of the server. Server Side Request Forgery attacks differ from Cross Site Request Forgery attacks in that they target the server itself, whereas CSRF attacks exploit an insecure user authentication mechanism to perform unauthorized actions on the user's behalf.
Vulnerable Configurations
-
cpe:2.3:a:redhat:keycloak:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:-:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.0:-:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.0:-:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.0.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.0.1:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.0.2:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.0.3:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.0.4:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.0.5:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.0:rc1:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.0:rc2:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.0:beta1:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.0:beta1:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.0:beta2:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.0:beta2:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.0:beta3:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.0:beta3:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.0:beta4:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.0:beta4:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.0:alpha1:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.0:alpha2:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.0:alpha2:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.1.0:-:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.1.0:-:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.1.0:beta1:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.1.0:beta1:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.1.0:beta2:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.1.0:beta2:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.1.1:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.2.0:-:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.2.0:-:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.2.0:cr1:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.2.0:cr1:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.2.0:beta1:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.2.0:beta1:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.3.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.3.1:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.4.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.5.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.5.1:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.6.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.6.1:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.7.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.7.0:cr1:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.7.0:cr1:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.8.0:-:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.8.0:-:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.8.0:cr1:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.8.0:cr1:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.8.0:cr2:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.8.0:cr2:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.8.0:cr3:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.8.0:cr3:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.8.0:alpha1:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.8.0:alpha1:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.8.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.8.1:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.8.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.8.2:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.9.0:-:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.9.0:-:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.9.0:cr1:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.9.0:cr1:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.9.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.9.1:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.9.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.9.2:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.9.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.9.3:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.9.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.9.4:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.9.5:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.9.5:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.9.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.9.6:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.9.7:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.9.7:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:1.9.8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:1.9.8:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:2.0.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:2.1.0:-:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:2.1.0:-:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:2.1.0:cr1:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:2.1.0:cr1:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:2.2.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:2.2.1:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:2.3.0:-:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:2.3.0:-:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:2.3.0:cr1:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:2.3.0:cr1:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:2.4.0:-:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:2.4.0:-:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:2.4.0:cr1:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:2.4.0:cr1:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:2.5.0:-:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:2.5.0:-:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:2.5.0:cr1:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:2.5.0:cr1:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:2.5.1:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:2.5.2:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:2.5.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:2.5.3:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:2.5.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:2.5.4:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:2.5.5:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:2.5.5:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:2.5.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:2.5.6:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:2.5.7:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:2.5.7:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:2.5.8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:2.5.8:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:2.5.9:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:2.5.9:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:2.5.10:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:2.5.10:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:3.0.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:3.1.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:3.1.1:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:3.2.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:3.2.1:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:3.3.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:3.3.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:3.4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:3.4.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:3.4.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:3.4.1:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:3.4.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:3.4.2:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:3.4.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:3.4.3:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:4.0.0:-:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:4.0.0:-:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:4.0.0:beta2:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:4.0.0:beta2:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:4.1.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:4.1.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:4.2.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:4.2.1:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:4.3.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:4.3.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:4.4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:4.4.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:4.5.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:4.5.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:4.6.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:4.6.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:4.7.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:4.7.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:4.8.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:4.8.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:4.8.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:4.8.1:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:4.8.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:4.8.2:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:4.8.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:4.8.3:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:5.0.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:6.0.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:6.0.1:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:6.0.2:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:7.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:7.0.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:7.0.1:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:8.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:8.0.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:8.0.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:8.0.2:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:9.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:9.0.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:9.0.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:9.0.1:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:9.0.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:9.0.2:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:9.0.13:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:9.0.13:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:10.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:10.0.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:10.0.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:10.0.1:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:11.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:11.0.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:11.0.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:11.0.3:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:12.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:12.0.0:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:keycloak:12.0.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:12.0.1:*:*:*:*:*:*:*
CVSS3 Source
nvd@nist.gov
CVSS3 Type
Primary
CVSS3 Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Protect Your Infrastructure: Combat Critical CVE Threats
Stay updated with real-time CVE vulnerabilities and take action to secure your systems. Enhance your cybersecurity posture with the latest threat intelligence and mitigation techniques. Develop the skills necessary to defend against CVEs and secure critical infrastructures. Join the top cybersecurity professionals safeguarding today's infrastructures.