Category:   Application (Security)  >   Red Hat Single Sign-On Vendors:   Red Hat
Red Hat Single Sign-On Keycloak Authentication Flow Error Lets Remote Users Hijack the Target User's Session
SecurityTracker Alert ID:  1037460
SecurityTracker URL:
CVE Reference:   CVE-2016-8609
Date:  Dec 13 2016
Impact:   User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 7.0
Description:   A vulnerability was reported in Red Hat Single Sign-On. A remote user can hijack the target user's session.

A remote user can construct a specially crafted (phishing) URL that, when loaded by the target user, exploits an error in Keycloak's handling of the authentication flow (described in the vendor's bug entry as authorization code fixation) to hijack the target user's session.
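The Red Hat bug entry below names the flaw class as authorization code fixation. The following added example, written for this page and not Keycloak's code or Red Hat's fix, models that class against a hypothetical OAuth 2.0 / OIDC relying party: a vulnerable callback handler that redeems whatever code it is handed, beside a hardened one that accepts the callback only when it carries the `state` value that the same browser session issued when it started the login. The identity-provider stub, client id, URLs, session store and account names are all assumptions.

```python
"""Added example for this page: authorization-code fixation against an
OAuth 2.0 / OIDC relying party, and the state-binding check that stops it.
This models the flaw class named in the Red Hat bug entry; it is NOT
Keycloak's code or its fix. The identity-provider stub, client id, URLs,
session store and account names are hypothetical."""
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, Optional
from urllib.parse import parse_qs, urlencode, urlsplit

REDIRECT_URI = "https://app.example/callback"   # hypothetical relying party


@dataclass
class BrowserSession:
    """Server-side session for one browser, looked up via its session cookie."""
    pending_state: Optional[str] = None   # set only when THIS browser started a login
    user: Optional[str] = None


# Hypothetical identity provider: code -> account that authenticated.
# A real client would redeem the code at the IdP's token endpoint instead.
_ISSUED_CODES: Dict[str, str] = {}


def idp_login(account: str) -> str:
    """IdP stub: `account` authenticates and an authorization code is issued."""
    code = secrets.token_urlsafe(16)
    _ISSUED_CODES[code] = account
    return code


def idp_exchange(code: str) -> str:
    """Token-endpoint stub: redeem a one-time code for the account behind it."""
    return _ISSUED_CODES.pop(code)


def start_login(session: BrowserSession) -> str:
    """Build the authorization request and remember its `state` in the
    initiating browser's session (RFC 6749 sect. 10.12; OIDC Core 3.1.2.1)."""
    session.pending_state = secrets.token_urlsafe(16)
    return "https://idp.example/auth?" + urlencode({
        "response_type": "code", "client_id": "demo-client",
        "redirect_uri": REDIRECT_URI, "state": session.pending_state})


def callback_vulnerable(session: BrowserSession, callback_url: str) -> str:
    """Redeems whatever code the URL carries, never asking whether this
    browser started a login. Opening an attacker's callback URL logs the
    victim's browser in as the attacker (code fixation / login CSRF)."""
    qs = parse_qs(urlsplit(callback_url).query)
    session.user = idp_exchange(qs["code"][0])
    return session.user


def callback_hardened(session: BrowserSession, callback_url: str) -> str:
    """Accepts the code only if the URL carries the `state` this browser's
    own session issued; the state is consumed so it cannot be replayed."""
    qs = parse_qs(urlsplit(callback_url).query)
    expected = session.pending_state
    presented = qs.get("state", [""])[0]
    if expected is None or not hmac.compare_digest(expected.encode(), presented.encode()):
        raise PermissionError("callback state does not match a login started by this browser")
    session.pending_state = None
    session.user = idp_exchange(qs["code"][0])
    return session.user


def _state_of(auth_url: str) -> str:
    return parse_qs(urlsplit(auth_url).query)["state"][0]


def phishing_scenario(hardened: bool) -> Optional[str]:
    """Attacker logs in at the IdP, intercepts the callback URL carrying THEIR
    code and state, and sends it to the victim. Returns the account the
    victim's browser ends up signed in as, or None if the callback is refused."""
    attacker = BrowserSession()
    attacker_state = _state_of(start_login(attacker))
    attacker_code = idp_login("attacker")
    phishing_url = REDIRECT_URI + "?" + urlencode(
        {"code": attacker_code, "state": attacker_state})
    victim = BrowserSession()   # this browser never started a login
    handler = callback_hardened if hardened else callback_vulnerable
    try:
        return handler(victim, phishing_url)
    except PermissionError:
        return None


def legitimate_scenario(hardened: bool) -> str:
    """Same browser starts the login and receives the callback: both handlers
    sign alice in, so the check costs nothing for honest flows."""
    browser = BrowserSession()
    state = _state_of(start_login(browser))
    code = idp_login("alice")
    callback_url = REDIRECT_URI + "?" + urlencode({"code": code, "state": state})
    handler = callback_hardened if hardened else callback_vulnerable
    return handler(browser, callback_url)


if __name__ == "__main__":
    print("vulnerable, phished victim signed in as:", phishing_scenario(False))
    print("hardened, phished victim signed in as:", phishing_scenario(True))
    print("hardened, honest login signed in as:", legitimate_scenario(True))
```

The `state` check is the client-side half of the defence: it binds the redirect back to the browser that initiated the flow, so a callback URL minted in the attacker's browser is refused in the victim's. It does not replace `nonce`, PKCE, or server-side binding of the code to the authenticating browser, and it is not the change Red Hat shipped for CVE-2016-8609.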

Hiroyuki Wada of Nomura Research Institute, Ltd reported this vulnerability.

Impact:   A remote user can hijack the target user's session.
Solution:   Red Hat has issued a fix.

The Red Hat advisory is available at:

Vendor URL: (see Red Hat advisory RHSA-2016:2945-01 below)
Cause:   Access control error
Underlying OS:  Linux (Red Hat Enterprise)

Message History:   None.

 Source Message Contents

Subject:  [RHSA-2016:2945-01] Important: Red Hat Single Sign-On security update


                   Red Hat Security Advisory

Synopsis:          Important: Red Hat Single Sign-On security update
Advisory ID:       RHSA-2016:2945-01
Product:           Red Hat Single Sign-On
Advisory URL:
Issue date:        2016-12-13
CVE Names:         CVE-2016-8609 

1. Summary:

A security update is now available for Red Hat Single Sign-On 7.0 from the
Customer Portal.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Description:

Red Hat Single Sign-On 7.0 is a standalone server, based on the Keycloak
project, that provides authentication and standards-based single sign-on
capabilities for web and mobile applications.

This asynchronous patch is a security update for Red Hat Single Sign-On.

Security Fix(es):

* It was found that Keycloak did not implement authentication flow
correctly. An attacker could use this flaw to construct a phishing URL,
from which he could hijack the user's session. This could lead to
information disclosure, or permit further possible attacks. (CVE-2016-8609)

Red Hat would like to thank Hiroyuki Wada of Nomura Research Institute, Ltd
for reporting this issue.

3. Solution:

The References section of this erratum contains a download link (you must
log in to download the update). Before applying this update, back up your
existing Red Hat Single Sign-On installation.

4. Bugs fixed:

1386729 - CVE-2016-8609 keycloak: account hijacking via auth code fixation

5. References:

6. Contact:

The Red Hat security contact is <>. More contact
details at

Copyright 2016 Red Hat, Inc.