Paramvir Jindal

**Name of the Vulnerable Software and Affected Versions** APICast (affected versions not specified) **Description** A flaw was found in APICast, specifically in 3Scale's OIDC module, which does not properly evaluate the response to a mismatched token from a separate realm. This could allow a separate realm to be accessible to an attacker, permitting access to unauthorized information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** No specific software or versions are mentioned in the provided descriptions. **Description** The issue concerns ClassLoaderTheme and ClasspathThemeResourceProviderFactory, which allow reading any file available as a resource to the classloader. By sending requests for theme resources with a relative path from an external HTTP client, the client will receive the content of random files if available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

It was found that the CVE-2021-27918, CVE-2021-31525 and CVE-2021-33196 have been incorrectly mentioned as fixed in RHSA for Serverless 1.16.0 and Serverless client kn 1.16.0. These have been fixed with Serverless 1.17.0.

**Name of the Vulnerable Software and Affected Versions** Keycloak (affected versions not specified) Redhat Keycloak (affected versions not specified) **Description** A flaw in the software allows a brute force attack to be possible, even when the permanent lockout feature is enabled. This is due to an incorrect error message being displayed when incorrect credentials are entered, posing the highest threat to confidentiality. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Red Hat Process Automation Manager version 7 **Description** A flaw was found in the software where an attacker can benefit from a brute force attack against the Administration Console, as the application does not limit the number of unsuccessful login attempts. **Recommendations** For Red Hat Process Automation Manager version 7, consider implementing a limit on the number of unsuccessful login attempts to the Administration Console as a temporary workaround until a patch is available. Restrict access to the Administration Console to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Business Central (affected versions not specified) Kie-Server APIs (affected versions not specified) **Description** The issue allows an attacker to interfere with an application's processing of XML data through XML external entity injection (XXE). This occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser, causing the product to embed incorrect documents into its output. The XXE leads to External Service interaction and Internal file read. **Recommendations** For Business Central, consider disabling the processing of external XML entities until a patch is available. For Kie-Server APIs, restrict access to XML documents that can contain external entities to minimize the risk of exploitation. As a temporary workaround, consider configuring the XML parser to only process XML entities within the intended sphere of control.

**Name of the Vulnerable Software and Affected Versions** Keycloak (affected versions not specified) Red Hat Single Sign-On (affected versions not specified) **Description** A flaw was found in Keycloak where it may fail to logout a user session if the logout request comes from an external SAML identity provider and the Principal Type is set to `Attribute [Name]`. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** keycloak versions prior to 14.0.0 **Description** A flaw was found in keycloak-model-infinispan where the authenticationSessions map in RootAuthenticationSessionEntity grows boundlessly, which could lead to a Denial of Service (DoS) attack. **Recommendations** For versions prior to 14.0.0, update to version 14.0.0 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: jBPM version 7.51.0.Final Description: A flaw in the BPMN editor allows any authenticated user to see the names of Ruleflow Groups from other projects, despite not having access to those projects. This poses a threat to confidentiality. Recommendations: For version 7.51.0.Final, consider restricting access to the BPMN editor to minimize the risk of unauthorized users viewing Ruleflow Group names from other projects. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: keycloak versions prior to 13.0.0 Description: A flaw in keycloak allows for a Self Stored XSS attack vector, which can escalate to a complete account takeover. This is due to user-supplied data fields not being properly encoded and the use of Javascript code to process the data. The highest threat from this issue is to data confidentiality and integrity, as well as system availability. Recommendations: For versions prior to 13.0.0, update to version 13.0.0 or later to resolve the issue. As a temporary workaround, consider disabling the use of user-supplied data fields in Javascript code until a patch is available. Restrict access to sensitive data and functions to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: keycloak (affected versions not specified) redhat keycloak (affected versions not specified) Description: A flaw was found in keycloak, allowing directories to be created with wider user permissions in the temporary directory before the Java process creates them. This gives an attacker access to the contents stored by keycloak in this directory, posing a threat to data confidentiality and integrity. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: keycloak (affected versions not specified) Description: A flaw was found in the new account console of keycloak, allowing malicious code to be executed using the referrer URL. The highest threat from this issue is to data confidentiality and integrity as well as system availability. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Keycloak version 12.0.0 Description: A flaw was found in Keycloak where re-authentication does not occur while updating the password. This flaw allows an attacker to take over an account if they can obtain temporary, physical access to a user’s browser. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Recommendations: For Keycloak version 12.0.0, consider implementing additional authentication measures to prevent account takeover, such as requiring re-authentication before password updates. As a temporary workaround, restrict access to password update functionality until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Keycloak versions prior to 13.0.0 **Description** A flaw was found in Keycloak, where it is possible to force the server to call out an unverified URL using the OIDC parameter `request uri`. This flaw allows an attacker to use this parameter to execute a Server-side request forgery (SSRF) attack. **Recommendations** For versions prior to 13.0.0, update to version 13.0.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the `request uri` parameter in the OIDC endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Keycloak version 10.0.1 **Description** A flaw in the data filter of Keycloak allows the processing of data URLs under certain circumstances, enabling an attacker to conduct cross-site scripting or further attacks. **Recommendations** For version 10.0.1, consider disabling the data filter functionality until a patch is available to prevent the processing of malicious data URLs.

**Name of the Vulnerable Software and Affected Versions** Keycloak versions prior to 10.0.0 **Description** A flaw was found in Keycloak where the NodeJS adapter did not support the verify-token-audience. This results in some users having access to sensitive information outside of their permissions. **Recommendations** For versions prior to 10.0.0, update to version 10.0.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Keycloak versions prior to 11.0.1 **Description** The issue is related to a denial of service (DoS) attack, which can be initiated remotely. It is caused by sending requests with a Content-Length header value that exceeds the actual byte count of the request body, potentially leading to unlimited memory allocation. This can allow an attacker to cause a service disruption. The estimated number of potentially affected devices is not specified. **Recommendations** For versions prior to 11.0.1, update to version 11.0.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the Keycloak server to minimize the risk of exploitation. Avoid sending requests with a Content-Length header value that exceeds the actual byte count of the request body until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** FUEL CMS version 1.4.7 **Description** The issue is related to a lack of protection in the SQL query structure, allowing for SQL injection. This can be exploited via the `col` parameter in API endpoints such as "/pages/items", "/permissions/items", or "/navigation/items". The exploitation of this issue may allow a remote attacker to impact the confidentiality, integrity, and availability of protected information. **Recommendations** For FUEL CMS version 1.4.7, as a temporary workaround, consider restricting access to the vulnerable API endpoints "/pages/items", "/permissions/items", and "/navigation/items" to minimize the risk of exploitation. Avoid using the `col` parameter in these endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Keycloak versions prior to 9.0.2 Redhat Keycloak (affected versions not specified) Redhat Openshift Application Runtimes (affected versions not specified) Redhat Single Sign-On (affected versions not specified) **Description** A flaw in the software allows a malicious user who is currently logged in to see the personal information of a previously logged out user in the account manager section. **Recommendations** For Keycloak versions prior to 9.0.2, update to version 9.0.2 or later to resolve the issue. At the moment, there is no information about a newer version that contains a fix for Redhat Keycloak, Redhat Openshift Application Runtimes, and Redhat Single Sign-On.

**Name of the Vulnerable Software and Affected Versions** business-central as shipped in rhdm-7.5.1 business-central as shipped in rhpam-7.5.1 **Description** A vulnerability was found in business-central where encoded passwords are stored in `errai security context`. The encoding used for storing the passwords is Base64, not an encryption algorithm, and any recovery of these passwords could lead to user passwords being exposed. **Recommendations** For business-central as shipped in rhdm-7.5.1, consider updating the password storage mechanism to use a secure encryption algorithm. For business-central as shipped in rhpam-7.5.1, consider updating the password storage mechanism to use a secure encryption algorithm. As a temporary workaround, consider restricting access to `errai security context` to minimize the risk of password exposure.