CVE-2019-10201

HIGH

Keycloak < 6.0.1 - Authentication Bypass via SAML Response Signature Removal

Title source: llm

Description

Keycloak's SAML identity broker, in versions up to 6.0.1, verified XML signatures only where one was present and did not reject a SAML Response that carried none. An attacker who can submit a SAML Response to the broker can delete the <Signature> elements from the Response and its Assertion; the broker still accepts the message, and with no signature left to check, the attacker can freely alter its content, such as the NameID that identifies the subject. An attacker could use this flaw to impersonate other users and gain access to sensitive information.
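The control-flow mistake behind this bug, as an added example that is not Keycloak's code: a broker that checks a signature "if present" fails open when the attacker removes it, while a broker that requires every Assertion to be covered by a valid signature fails closed. XMLDSig is replaced by an HMAC-SHA256 stand-in so the block runs on the Python standard library alone; the key, the namespaces' prefix registration and the sample Response are constructed for the demo and are not real SAML signing.

```python
# Added example, not Keycloak's code: the fail-open policy behind CVE-2019-10201.
# XMLDSig is replaced by an HMAC-SHA256 stand-in (constructed for the demo) so the
# block runs on the standard library; the acceptance policy is what matters here.
import hashlib
import hmac
import xml.etree.ElementTree as ET
from copy import deepcopy

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
DS = "http://www.w3.org/2000/09/xmldsig#"
for prefix, uri in (("samlp", SAMLP), ("saml", SAML), ("ds", DS)):
    ET.register_namespace(prefix, uri)  # deterministic prefixes for serialization

IDP_KEY = b"constructed-shared-secret"  # hypothetical key shared with the IdP
SIG = f"{{{DS}}}Signature"


def _canon(elem):
    """Serialize elem with its own ds:Signature child removed (toy canonicalization)."""
    clone = deepcopy(elem)
    for sig in clone.findall(SIG):
        clone.remove(sig)
    return ET.tostring(clone, encoding="utf-8")


def _sign(elem):
    """Attach a stand-in signature covering elem's content."""
    mac = hmac.new(IDP_KEY, _canon(elem), hashlib.sha256).hexdigest()
    sig = ET.SubElement(elem, SIG)
    ET.SubElement(sig, f"{{{DS}}}SignatureValue").text = mac


def _verify(elem):
    """True only if elem carries a signature AND it matches; a missing one is False."""
    sig = elem.find(SIG)
    if sig is None:
        return False
    given = sig.findtext(f"{{{DS}}}SignatureValue") or ""
    expected = hmac.new(IDP_KEY, _canon(elem), hashlib.sha256).hexdigest()
    return hmac.compare_digest(given.encode(), expected.encode())


def build_signed_response(name_id):
    """IdP side: a Response whose single Assertion is signed (constructed sample)."""
    resp = ET.Element(f"{{{SAMLP}}}Response")
    assertion = ET.SubElement(resp, f"{{{SAML}}}Assertion")
    subject = ET.SubElement(assertion, f"{{{SAML}}}Subject")
    ET.SubElement(subject, f"{{{SAML}}}NameID").text = name_id
    _sign(assertion)
    return ET.tostring(resp, encoding="unicode")


def forge(xml, new_name_id, strip_signatures=True):
    """Attacker side: retarget the NameID, optionally deleting every ds:Signature."""
    root = ET.fromstring(xml)
    if strip_signatures:
        for parent in list(root.iter()):
            for sig in parent.findall(SIG):
                parent.remove(sig)
    root.find(f".//{{{SAML}}}NameID").text = new_name_id
    return ET.tostring(root, encoding="unicode")


def broker_vulnerable(xml):
    """Pre-fix behaviour: verify a signature only where one is present.
    A Response with all signatures removed passes and its NameID is trusted."""
    root = ET.fromstring(xml)
    for elem in root.iter():
        if elem.find(SIG) is not None and not _verify(elem):
            return None  # a present-but-bad signature is rejected...
    return root.findtext(f".//{{{SAML}}}NameID")  # ...but absence is not


def broker_fixed(xml):
    """Fail closed: every Assertion must be covered by a valid signature, either
    on the Response or on the Assertion itself; no signature means no login."""
    root = ET.fromstring(xml)
    assertions = root.findall(f"{{{SAML}}}Assertion")
    if not assertions:
        return None
    response_signed = _verify(root)
    for assertion in assertions:
        if not (response_signed or _verify(assertion)):
            return None
    return root.findtext(f".//{{{SAML}}}NameID")


if __name__ == "__main__":
    genuine = build_signed_response("alice")
    stripped = forge(genuine, "admin")                        # the CVE scenario
    tampered = forge(genuine, "admin", strip_signatures=False)  # signature kept, content changed
    print("vulnerable:", broker_vulnerable(genuine), broker_vulnerable(stripped), broker_vulnerable(tampered))
    print("fixed:     ", broker_fixed(genuine), broker_fixed(stripped), broker_fixed(tampered))
```

Both brokers reject the tampered-but-still-signed message, which is why the bug is easy to miss in testing: the verification code is correct, the policy around it is not. Note also that `_verify` strips only the element's own signature before hashing, so a Response-level signature covers the Assertions inside it; a real XMLDSig implementation additionally has to bind each Reference to the element it claims to cover.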

References (1)

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10201 (Issue Tracking, Mitigation, Vendor Advisory; x_refsource_confirm)

Scores

CVSS v3 8.1
EPSS 0.0014
EPSS Percentile 33.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Details

CWE
CWE-592 (Authentication Bypass Issues), CWE-347 (Improper Verification of Cryptographic Signature)
Status published
Products (4)
org.keycloak/keycloak-core (Maven) 0 - 7.0.0
redhat/keycloak < 6.0.1
redhat/single_sign-on 7.0
redhat/single_sign-on 7.3.3
Published Aug 14, 2019
Tracked Since Feb 18, 2026