{ "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2017-2582", "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", "value": "It was found that while parsing the SAML messages the StaxParserUtil class of keycloak before 2.5.1 replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the \"InResponseTo\" field in the response." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-201", "cweId": "CWE-201" } ] } ] }, "affects": { "vendor": { "vendor_data": [ { "vendor_name": "Red Hat", "product": { "product_data": [ { "product_name": "keycloak", "version": { "version_data": [ { "version_affected": "=", "version_value": "2.5.1" } ] } } ] } } ] } }, "references": { "reference_data": [ { "url": "http://www.securityfocus.com/bid/101046", "refsource": "MISC", "name": "http://www.securityfocus.com/bid/101046" }, { "url": "http://www.securitytracker.com/id/1041707", "refsource": "MISC", "name": "http://www.securitytracker.com/id/1041707" }, { "url": "https://access.redhat.com/errata/RHSA-2017:2808", "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2017:2808" }, { "url": "https://access.redhat.com/errata/RHSA-2017:2809", "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2017:2809" }, { "url": "https://access.redhat.com/errata/RHSA-2017:2810", "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2017:2810" }, { "url": "https://access.redhat.com/errata/RHSA-2017:2811", "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2017:2811" }, { "url": "https://access.redhat.com/errata/RHSA-2017:3216", "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2017:3216" }, { "url": "https://access.redhat.com/errata/RHSA-2017:3217", "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2017:3217" }, { "url": "https://access.redhat.com/errata/RHSA-2017:3218", "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2017:3218" }, { "url": "https://access.redhat.com/errata/RHSA-2017:3219", "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2017:3219" }, { "url": "https://access.redhat.com/errata/RHSA-2017:3220", "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2017:3220" }, { "url": "https://access.redhat.com/errata/RHSA-2018:2740", "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2018:2740" }, { "url": "https://access.redhat.com/errata/RHSA-2018:2741", "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2018:2741" }, { "url": "https://access.redhat.com/errata/RHSA-2018:2742", "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2018:2742" }, { "url": "https://access.redhat.com/errata/RHSA-2018:2743", "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2018:2743" }, { "url": "https://access.redhat.com/errata/RHSA-2019:0136", "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2019:0136" }, { "url": "https://access.redhat.com/errata/RHSA-2019:0137", "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2019:0137" }, { "url": "https://access.redhat.com/errata/RHSA-2019:0139", "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2019:0139" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2582", "refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2582" }, { "url": "https://github.com/keycloak/keycloak/pull/3715/commits/0cb5ba0f6e83162d221681f47b470c3042eef237", "refsource": "MISC", "name": "https://github.com/keycloak/keycloak/pull/3715/commits/0cb5ba0f6e83162d221681f47b470c3042eef237" } ] }, "impact": { "cvss": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" } ] } }