CVE-2022-3782

keycloak: path traversal via double URL encoding. A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. An attacker can use this flaw to construct a malicious request to bypass validation and access other URLs and potentially sensitive information within the domain or possibly conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field.

CVSS v3 9.1 CRITICAL

9.1^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/security/cve/CVE-2022-3782	Vendor Advisory
https://access.redhat.com/security/cve/CVE-2022-3782	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:redhat:keycloak:20.0.2:*:*:*:*:*:*:*

History

21 Nov 2024, 07:20

Type	Values Removed	Values Added
References	~~() https://access.redhat.com/security/cve/CVE-2022-3782 - Vendor Advisory~~	() https://access.redhat.com/security/cve/CVE-2022-3782 - Vendor Advisory
Summary		(es) Keycloack: Path Traversal mediante codificación de URL doble. Se encontró una falla en Keycloak, donde no valida correctamente las URL incluidas en una redirección. Un atacante puede utilizar esta falla para crear una solicitud maliciosa para eludir la validación y acceder a otras URL e información potencialmente confidencial dentro del dominio o posiblemente realizar más ataques. Esta falla afecta a cualquier cliente que utilice un comodín en el campo URI de redireccionamiento válido.

Information

Published : 2023-01-13 06:15

Updated : 2025-04-09 14:15

NVD link : CVE-2022-3782

Mitre link : CVE-2022-3782

CVE.ORG link : CVE-2022-3782

JSON object : View

Products Affected

redhat

keycloak

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2022-3782", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 3.9}]}, "published": "2023-01-13T06:15:11.187", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2022-3782", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/security/cve/CVE-2022-3782", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "keycloak: path traversal via double URL encoding. A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. An attacker can use this flaw to construct a malicious request to bypass validation and access other URLs and potentially sensitive information within the domain or possibly conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field."}, {"lang": "es", "value": "Keycloack: Path Traversal mediante codificaci\u00f3n de URL doble. Se encontr\u00f3 una falla en Keycloak, donde no valida correctamente las URL incluidas en una redirecci\u00f3n. Un atacante puede utilizar esta falla para crear una solicitud maliciosa para eludir la validaci\u00f3n y acceder a otras URL e informaci\u00f3n potencialmente confidencial dentro del dominio o posiblemente realizar m\u00e1s ataques. Esta falla afecta a cualquier cliente que utilice un comod\u00edn en el campo URI de redireccionamiento v\u00e1lido."}], "lastModified": "2025-04-09T14:15:24.100", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:keycloak:20.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "703CD4CB-29AA-4354-B210-AD78774525E1"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}