CVE-2024-8698: Keycloak Vulnerability Puts SAML Authentication at Risk
A high-severity vulnerability, identified as CVE-2024-8698, has been found in Keycloak's SAML signature validation process and could allow attackers to bypass authentication controls. The flaw lies in the XMLSignatureUtil class, which validates signatures based on their position in the XML document instead of checking the "Reference" element that identifies which section is actually signed. Attackers could exploit this by including a valid signed assertion together with an unsigned one in a SAML response, leading to potential privilege escalation and user impersonation. Keycloak versions up to 25.0.5 are affected, and the issue has been fixed in version 25.0.6. Users are urged to update their Keycloak installations to mitigate the risk associated with this vulnerability.

CVEs: CVE-2024-8698

[View Article](https://securityonline.info/cve-2024-8698-keycloak-vulnerability-puts-saml-authentication-at-risk/)
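The distinction the advisory draws, trusting an assertion because a Signature's Reference names its ID rather than because of where it sits in the Response, can be shown with a small selection step. This is an added illustration, not Keycloak's XMLSignatureUtil code; the SAML response is constructed, and cryptographic verification of SignedInfo against the IdP certificate is assumed to happen separately after this step.

```python
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}

# Constructed sample (not a real IdP response): the first assertion carries an
# enveloped Signature whose Reference points at its own ID; the second has none.
SAMPLE_RESPONSE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" ID="_resp1">
  <saml:Assertion ID="_a1">
    <ds:Signature><ds:SignedInfo><ds:Reference URI="#_a1"/></ds:SignedInfo></ds:Signature>
    <saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject>
  </saml:Assertion>
  <saml:Assertion ID="_a2">
    <saml:Subject><saml:NameID>admin</saml:NameID></saml:Subject>
  </saml:Assertion>
</samlp:Response>"""


def assertion_signed_by_reference(assertion):
    """True only if this assertion holds an enveloped Signature whose Reference
    URI names the assertion's own ID, i.e. the signature covers this element.
    Position of the assertion inside the Response plays no role."""
    own_id = assertion.get("ID")
    if not own_id:
        return False
    for ref in assertion.iterfind("ds:Signature/ds:SignedInfo/ds:Reference", NS):
        if ref.get("URI") == "#" + own_id:
            return True
    return False


def classify_assertions(xml_text):
    """Map each assertion's NameID to whether a Reference actually covers it.
    Duplicate IDs would make a Reference ambiguous, so they are rejected."""
    root = ET.fromstring(xml_text)
    seen, result = set(), {}
    for assertion in root.iterfind("saml:Assertion", NS):
        aid = assertion.get("ID")
        if aid in seen:
            raise ValueError(f"duplicate assertion ID {aid!r}")
        seen.add(aid)
        name = assertion.findtext("saml:Subject/saml:NameID", namespaces=NS)
        result[name] = assertion_signed_by_reference(assertion)
    return result
```

Only assertions reported as `True` should feed authentication; the unsigned "admin" assertion is rejected regardless of its position in the document.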