Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Keycloak Vulnerability Puts SAML Authentication at Risk
Malware and Vulnerabilities
September 23, 2024
Security Online
The vulnerability lies in Keycloak's XMLSignatureUtil class, which incorrectly verifies SAML signatures, disregarding the vital "Reference" element that specifies the signed portion of the document.
Read More
keycloak
CVE-2024-8698
SAML authentication
Signature Validation Bypass
Security Patch
Publisher
Previous
Critical Grafana Plugin SDK Flaw Exposes Sensitive Info ...
Malware and Vulnerabilities
Next
DOJ, FBI Need Better Metrics for Tracking Ransomware Di ...
Govt., Critical Infrastructure