Miggo Logo
Miggo Vulnerability Database
CVE-2014-3652

CVE-2014-3652: JBoss KeyCloak Open Redirect

6.1

CVSS Score
3.1

Basic Information

CVE ID
CVE-2014-3652
GHSA ID
GHSA-5r7w-pjx8-99qg
EPSS Score
0.44661%
CWE
CWE-601
Published
5/17/2022
Updated
8/16/2023
KEV Status
No
Technology
TechnologyJava

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
org.keycloak:keycloak-servicesmaven< 1.1.0.Beta11.1.0.Beta1

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from the lack of validation on the redirect URL in the loginRedirect method. The GitHub commit 6b2a422 introduced a fix that adds a check against a set of valid paths (VALID_PATHS) populated via reflection on the AccountService's @Path-annotated methods. Prior to this patch, the absence of this validation allowed unconstrained redirects. The loginRedirect method is directly implicated in handling the redirect parameter, making it the clear vulnerable function.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

J*oss K*y*lo*k: Op*n r**ir**t vuln*r**ility vi* **ilur* to v*li**t* t** r**ir**t URL.

Reasoning

T** vuln*r**ility st*ms *rom t** l**k o* `v*li**tion` on t** r**ir**t URL in t** `lo*inR**ir**t` m*t*o*. T** *it*u* *ommit ******* intro*u*** * *ix t**t ***s * ****k ***inst * s*t o* v*li* p*t*s (V*LI*_P*T*S) popul*t** vi* r**l**tion on t** `***ountS
CVE-2014-3652: Keycloak URL Redirect Bypass | Miggo