Description

A vulnerability was found in all versions of Keycloak Gatekeeper, where on using lower case HTTP headers (via cURL) an attacker can bypass our Gatekeeper. Lower case headers are also accepted by some webservers (e.g. Jetty). This means there is no protection when we put a Gatekeeper in front of a Jetty server and use lowercase headers.

Remediation

References

https://bugzilla.redhat.com/show_bug.cgi?id=1868591

https://issues.jboss.org/browse/KEYCLOAK-14090

Related Vulnerabilities

CVE-2020-14340 Vulnerability in maven package org.jboss.xnio:xnio-api

CVE-2017-2585 Vulnerability in maven package org.keycloak:keycloak-core

CVE-2021-21695 Vulnerability in maven package org.jenkins-ci.main:jenkins-core

CVE-2021-4264 Vulnerability in maven package org.webjars.npm:dustjs-linkedin

CVE-2022-41929 Vulnerability in maven package org.xwiki.platform:xwiki-platform-oldcore

Severity

High

Classification

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Tags

Issue Tracking Vendor Advisory Permissions Required Third Party Advisory NVD-CWE-noinfo