Insecure Temporary File in Keycloak - CVE-2021-20202

 

Insecure Temporary File in Keycloak - CVE-2021-20202

Published: May 25, 2021


Vulnerability identifier: #VU53528
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-20202
CWE-ID: CWE-377
Exploitation vector: Local access
Exploit availability: No public exploit available
Vendor: Keycloak
Affected software:
Keycloak

Detailed vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to the way keycloak handles temporary directories on the system. Directories can be created prior to the Java process creating them in the temporary directory, but with wider user permissions, allowing the attacker to have access to the contents that keycloak stores in this directory.


How to mitigate CVE-2021-20202

Install updates from vendor's website.

Sources