CVE-2021-3827
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2021-3827
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3827.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2021-3827
- Aliases
- Downstream
- Related
- Published
- 2022-08-23T16:15:10Z
- Modified
- 2025-10-15T13:09:54.012581Z
- Severity
-
- 6.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N CVSS Calculator
- Summary
- [none]
- Details
-
A flaw was found in keycloak, where the default ECP binding flow allows other authentication flows to be bypassed. By exploiting this behavior, an attacker can bypass the MFA authentication by sending a SOAP request with an AuthnRequest and Authorization header with the user's credentials. The highest threat from this vulnerability is to confidentiality and integrity.
- References
Affected packages
Git / github.com/keycloak/keycloak
Affected ranges
- Type
- GIT
- Repo
- https://github.com/keycloak/keycloak
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
1.*
1.0-alpha-1
1.0-alpha-1-12062013
1.0-alpha-2
1.0-alpha-3
1.0-beta-1
1.0-beta-2
1.0-beta-4
1.0-final
1.0-rc-1
1.0.0.Final
1.1.0.Beta2
1.3.0.Final
2.*
2.4.0.Test
Database specific
vanir_signatures
[
{
"digest": {
"function_hash": "212520189598204178500964708070234797586",
"length": 218.0
},
"target": {
"file": "services/src/main/java/org/keycloak/protocol/saml/profile/ecp/SamlEcpProfileService.java",
"function": "loginRequest"
},
"source": "https://github.com/keycloak/keycloak/commit/44000caaf5051d7f218d1ad79573bd3d175cad0d",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"id": "CVE-2021-3827-0ce03a52"
},
{
"digest": {
"function_hash": "337609130849563125041671062038873152750",
"length": 967.0
},
"target": {
"file": "services/src/main/java/org/keycloak/protocol/saml/profile/ecp/SamlEcpProfileService.java",
"function": "authenticate"
},
"source": "https://github.com/keycloak/keycloak/commit/44000caaf5051d7f218d1ad79573bd3d175cad0d",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"id": "CVE-2021-3827-0f20571d"
},
{
"digest": {
"function_hash": "229822663848810032433486863252380922536",
"length": 571.0
},
"target": {
"file": "testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/clients/AbstractClientTest.java",
"function": "getSAMLAttributes"
},
"source": "https://github.com/keycloak/keycloak/commit/44000caaf5051d7f218d1ad79573bd3d175cad0d",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"id": "CVE-2021-3827-28653c2b"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"215631491411821070735376067293962108975",
"153274152995229797125408961090909558014",
"196906707112998722270429638704590139521"
]
},
"target": {
"file": "services/src/main/java/org/keycloak/protocol/saml/SamlClient.java"
},
"source": "https://github.com/keycloak/keycloak/commit/44000caaf5051d7f218d1ad79573bd3d175cad0d",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"id": "CVE-2021-3827-28d450a3"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"303113043750418129978948625143359276695",
"50600244543103772106103076178352133789",
"53199942007266921693907482212773939756",
"300331519814893254396376102106874850542",
"177642077267557112949817193022767895774",
"201640588455627099057551455880302069007",
"132191498884138545855130154810077282660",
"33074117328358666953762908824175643007",
"174665203706532660485280429815132231673",
"312036669604126178477304735812201591625",
"187696191168375888130994474940785440993",
"154166949919666895295004725385238123568",
"232464218934570735464771003828110683891",
"109738459045191713589074003524583212459",
"324800613511599023792950666231392306391",
"38727632609551529204256312903936643559",
"155382758246502914120443924506367729642",
"245697714257191739408878735336936515937",
"265464357186111349375911640630801083816",
"187911743487843818094175935460594876358"
]
},
"target": {
"file": "services/src/main/java/org/keycloak/protocol/saml/profile/ecp/SamlEcpProfileService.java"
},
"source": "https://github.com/keycloak/keycloak/commit/44000caaf5051d7f218d1ad79573bd3d175cad0d",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"id": "CVE-2021-3827-54b9c5f9"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"242208758497214254032276970629661874084",
"92786398114558933779208644309221700376",
"319183704959866635175550306817086900890",
"218860084448227716502231274369250366898",
"184214818657965614289254117886226648911",
"267821224645019617484266030885081106641",
"247588290786554071760075432191110629104",
"325429256297616887990440082106330935940",
"274430695167334970725585165938921011266",
"36161509126850640871188678028296929299",
"240604975300362109378643260920622173318",
"131768632528878448803158444790371295139",
"106773418870468777690420752724497242021",
"192169984922763104231261301706465935877"
]
},
"target": {
"file": "testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/saml/SOAPBindingTest.java"
},
"source": "https://github.com/keycloak/keycloak/commit/44000caaf5051d7f218d1ad79573bd3d175cad0d",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"id": "CVE-2021-3827-55123f95"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"340219240950948077348739593903278686649",
"130147151841730810456753002980713389147",
"270636818886313678145718310748278658077"
]
},
"target": {
"file": "services/src/main/java/org/keycloak/protocol/saml/SamlProtocolFactory.java"
},
"source": "https://github.com/keycloak/keycloak/commit/44000caaf5051d7f218d1ad79573bd3d175cad0d",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"id": "CVE-2021-3827-5ab2182a"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"248376261775518755884085016100021397800",
"241159967194685929503018579458896404917"
]
},
"target": {
"file": "services/src/main/java/org/keycloak/protocol/saml/SamlConfigAttributes.java"
},
"source": "https://github.com/keycloak/keycloak/commit/44000caaf5051d7f218d1ad79573bd3d175cad0d",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"id": "CVE-2021-3827-6711d089"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"72214456052989565771379347775731267671",
"269748710327618109730855313997807446944",
"110567558295193260292399838623466549971"
]
},
"target": {
"file": "services/src/main/java/org/keycloak/protocol/saml/SamlRepresentationAttributes.java"
},
"source": "https://github.com/keycloak/keycloak/commit/44000caaf5051d7f218d1ad79573bd3d175cad0d",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"id": "CVE-2021-3827-9dd4849d"
},
{
"digest": {
"function_hash": "15474601392909960575014213533422232984",
"length": 143.0
},
"target": {
"file": "services/src/main/java/org/keycloak/protocol/saml/profile/ecp/SamlEcpProfileService.java",
"function": "newBrowserAuthentication"
},
"source": "https://github.com/keycloak/keycloak/commit/44000caaf5051d7f218d1ad79573bd3d175cad0d",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"id": "CVE-2021-3827-bb88962b"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"262448539613015048050468235855552886857",
"161577943999875728619213063088740100855",
"139479522431928068460446647230805072198",
"57027836670440250492580950285133141047",
"25447803686384105175420968018674080952",
"61626490176544290083774503397687046298",
"235062060019871467180772940324765782232"
]
},
"target": {
"file": "testsuite/integration-arquillian/tests/other/console/src/main/java/org/keycloak/testsuite/console/page/clients/settings/ClientSettingsForm.java"
},
"source": "https://github.com/keycloak/keycloak/commit/44000caaf5051d7f218d1ad79573bd3d175cad0d",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"id": "CVE-2021-3827-c9193e5f"
},
{
"digest": {
"function_hash": "92195846826912487523187516165704135296",
"length": 1090.0
},
"target": {
"file": "services/src/main/java/org/keycloak/protocol/saml/SamlProtocolFactory.java",
"function": "setupClientDefaults"
},
"source": "https://github.com/keycloak/keycloak/commit/44000caaf5051d7f218d1ad79573bd3d175cad0d",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Function",
"id": "CVE-2021-3827-d454da2d"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"261382111650982316217373406955032870749",
"7580793112656923761660827935395635737",
"57497680790517225217297284316347312734",
"314814614031498990191621479315114542648",
"272989190597646595465045792083163895908",
"9490103238962051827470928930238024525",
"229769017734929162994427375062378599112",
"14969731917488955508659134847527781240",
"251410923360235723437317991576722681085",
"249709805156436776357546495028473612139",
"132727765054566970678779110334979206145",
"185002285512663754688403608150642255192"
]
},
"target": {
"file": "testsuite/integration-arquillian/tests/other/console/src/test/java/org/keycloak/testsuite/console/clients/AbstractClientTest.java"
},
"source": "https://github.com/keycloak/keycloak/commit/44000caaf5051d7f218d1ad79573bd3d175cad0d",
"deprecated": false,
"signature_version": "v1",
"signature_type": "Line",
"id": "CVE-2021-3827-e11b9ac8"
}
]