CVE-2024-8698

HIGH NUCLEI

Keycloak - Privilege Escalation

Title source: llm

Description

A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.

Exploits (1)

nomisec WORKING POC 6 stars
by huydoppaz · poc
https://github.com/huydoppaz/CVE-2024-8698-POC

Nuclei Templates (1)

Keycloak - SAML Core Package Signature Validation Flaw
HIGHVERIFIEDby iamnoooob,rootxharsh,pdresearch
Shodan: http.favicon.hash:"-1105083093"
FOFA: icon_hash=-1105083093

References (14)

Scores

CVSS v3 7.7
EPSS 0.8126
EPSS Percentile 99.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L

Details

CWE
CWE-347
Status published
Products (50)
org.keycloak/keycloak-saml-core 0 - 22.0.13Maven
Red Hat/Red Hat Build of Keycloak
Red Hat/Red Hat build of Keycloak 22 22.0.13-1
Red Hat/Red Hat build of Keycloak 22 22-18
Red Hat/Red Hat build of Keycloak 22 22-21
Red Hat/Red Hat build of Keycloak 24 24.0.8-1
Red Hat/Red Hat build of Keycloak 24 24-17
Red Hat/Red Hat JBoss Enterprise Application Platform 8
Red Hat/Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 0:0.1.0-2.redhat_00010.1.el8eap
Red Hat/Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8 0:0.8.1-2.redhat_00001.1.el8eap
... and 40 more
Published Sep 19, 2024
Tracked Since Feb 18, 2026