SecurityTracker.com
SecurityTracker
Archives
Category:   Application (Security)  >   Red Hat Single Sign-On
Vendor:   Red Hat
Red Hat Single Sign-On Keycloak Authentication Flow Error Lets Remote Users Hijack the Target User's Session
SecurityTracker Alert ID:  1037460
SecurityTracker URL:  http://securitytracker.com/id/1037460
CVE Reference:   CVE-2016-8609
Date:  Dec 13 2016
Impact:   User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 7.0
Description:   A vulnerability was reported in Red Hat Single Sign-On. A remote user can hijack the target user's session.

A remote user can create a specially crafted URL that, when loaded by the target user, will exploit an authentication error in Keycloak and hijack the target user's session.

Hiroyuki Wada of Nomura Research Institute, Ltd reported this vulnerability.

Impact:   A remote user can hijack the target user's session.
Solution:   Red Hat has issued a fix.

The Red Hat advisory is available at:

https://rhn.redhat.com/errata/RHSA-2016-2945.html

Vendor URL:  rhn.redhat.com/errata/RHSA-2016-2945.html
Cause:   Access control error
Underlying OS:  Linux (Red Hat Enterprise)

Message History:   None.


 Source Message Contents

Subject:  [RHSA-2016:2945-01] Important: Red Hat Single Sign-On security update

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: Red Hat Single Sign-On security update
Advisory ID:       RHSA-2016:2945-01
Product:           Red Hat Single Sign-On
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2016-2945.html
Issue date:        2016-12-13
CVE Names:         CVE-2016-8609 
=====================================================================

1. Summary:

A security update is now available for Red Hat Single Sign-On 7.0 from the
Customer Portal.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Description:

Red Hat Single Sign-On 7.0 is a standalone server, based on the Keycloak
project, that provides authentication and standards-based single sign-on
capabilities for web and mobile applications.

This asynchronous patch is a security update for Red Hat Single Sign-On
7.0.

Security Fix(es):

* It was found that Keycloak did not implement the authentication flow
correctly. An attacker could use this flaw to construct a phishing URL
from which they could hijack the user's session. This could lead to
information disclosure, or permit further possible attacks. (CVE-2016-8609)

Red Hat would like to thank Hiroyuki Wada of Nomura Research Institute, Ltd
for reporting this issue.
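The bug title below names the flaw class as "auth code fixation": an authorization code from one login attempt being accepted inside a different browser's session. The relying-party side of the standard defense is to bind every authorization response to the session that started the flow and reject anything else. The Python below is an added illustration of that check; it is not Keycloak's code or Red Hat's fix, and the endpoint URL, in-memory session store and code-exchange callable are constructed stand-ins.

```python
import hmac
import secrets
from dataclasses import dataclass
from typing import Callable, Dict, Optional
from urllib.parse import parse_qs, urlsplit

# Hypothetical IdP authorization endpoint (placeholder, not a real host).
AUTH_ENDPOINT = "https://sso.example.test/realms/demo/protocol/openid-connect/auth"


@dataclass
class Session:
    pending_state: Optional[str] = None  # state minted when THIS browser began login
    user: Optional[str] = None


class RelyingParty:
    """Constructed minimal OAuth/OIDC client: each authorization response must
    carry the state that this exact session was issued, or it is discarded."""

    def __init__(self, exchange_code: Callable[[str], str]):
        self.sessions: Dict[str, Session] = {}
        self.exchange_code = exchange_code  # stand-in for the token endpoint call

    def begin_login(self, session_id: str) -> str:
        sess = self.sessions.setdefault(session_id, Session())
        sess.pending_state = secrets.token_urlsafe(32)  # fresh and unguessable per attempt
        return f"{AUTH_ENDPOINT}?response_type=code&client_id=app&state={sess.pending_state}"

    def handle_callback(self, session_id: str, callback_url: str) -> bool:
        """Return True only if the code arrived in the session that requested it."""
        params = parse_qs(urlsplit(callback_url).query)
        code = params.get("code", [None])[0]
        state = params.get("state", [None])[0]
        sess = self.sessions.get(session_id)
        # No login in progress for this session: a pasted or phished callback URL.
        if sess is None or sess.pending_state is None or code is None or state is None:
            return False
        expected, sess.pending_state = sess.pending_state, None  # single use, even on failure
        if not hmac.compare_digest(expected.encode(), state.encode()):
            return False  # this response belongs to some other login attempt
        sess.user = self.exchange_code(code)
        return True
```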

3. Solution:

The References section of this erratum contains a download link (you must
log in to download the update). Before applying this update, back up your
existing Red Hat Single Sign-On installation.

4. Bugs fixed (https://bugzilla.redhat.com/):

1386729 - CVE-2016-8609 keycloak: account hijacking via auth code fixation

5. References:

https://access.redhat.com/security/cve/CVE-2016-8609
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso&downloadType=securityPatches&version=7.0

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2016 Red Hat, Inc.

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce