CVE-2024-1132: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. This issue could allow an attacker to construct a malicious request to bypass validation and access other URLs and sensitive information within the domain or conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field, and requires user interaction within the malicious URL.
AI Analysis
Technical Summary
CVE-2024-1132 is a path traversal vulnerability in Keycloak's redirect URL validation mechanism. It occurs when Keycloak does not properly validate URLs in redirect requests, particularly when clients use wildcards in the Valid Redirect URIs configuration. This improper validation can be exploited by attackers to bypass restrictions and access unauthorized URLs or sensitive information within the domain. The vulnerability requires user interaction to trigger the malicious redirect. Red Hat Single Sign-On 7.6.8 releases for RHEL 7 and 8 include patches that fix this issue, as documented in multiple Red Hat security advisories.
Potential Impact
The vulnerability allows attackers to bypass redirect URL validation, potentially leading to unauthorized access to sensitive information or further attacks within the affected domain. The CVSS v3.1 score is 8.1 (High), indicating a significant impact on confidentiality and integrity, with no impact on availability. Exploitation requires no privileges but does require user interaction. There are no known exploits in the wild at the time of publication.
Mitigation Recommendations
Red Hat has released security updates in Red Hat Single Sign-On 7.6.8 for RHEL 7 and RHEL 8 that address CVE-2024-1132. Users should apply these official patches to remediate the vulnerability. Before applying the update, ensure all previously released errata relevant to the system have been applied. Refer to Red Hat's official guidance at https://access.redhat.com/articles/11258 for update procedures. Since this is not a cloud service, remediation is the responsibility of the system administrators. No alternative mitigations or workarounds are indicated in the vendor advisories.
CVE-2024-1132: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Description
A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. This issue could allow an attacker to construct a malicious request to bypass validation and access other URLs and sensitive information within the domain or conduct further attacks. This flaw affects any client that utilizes a wildcard in the Valid Redirect URIs field, and requires user interaction within the malicious URL.
CVSS v3.1
Score 8.1high
Affected software
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2024-1132 is a path traversal vulnerability in Keycloak's redirect URL validation mechanism. It occurs when Keycloak does not properly validate URLs in redirect requests, particularly when clients use wildcards in the Valid Redirect URIs configuration. This improper validation can be exploited by attackers to bypass restrictions and access unauthorized URLs or sensitive information within the domain. The vulnerability requires user interaction to trigger the malicious redirect. Red Hat Single Sign-On 7.6.8 releases for RHEL 7 and 8 include patches that fix this issue, as documented in multiple Red Hat security advisories.
Potential Impact
The vulnerability allows attackers to bypass redirect URL validation, potentially leading to unauthorized access to sensitive information or further attacks within the affected domain. The CVSS v3.1 score is 8.1 (High), indicating a significant impact on confidentiality and integrity, with no impact on availability. Exploitation requires no privileges but does require user interaction. There are no known exploits in the wild at the time of publication.
Mitigation Recommendations
Red Hat has released security updates in Red Hat Single Sign-On 7.6.8 for RHEL 7 and RHEL 8 that address CVE-2024-1132. Users should apply these official patches to remediate the vulnerability. Before applying the update, ensure all previously released errata relevant to the system have been applied. Refer to Red Hat's official guidance at https://access.redhat.com/articles/11258 for update procedures. Since this is not a cloud service, remediation is the responsibility of the system administrators. No alternative mitigations or workarounds are indicated in the vendor advisories.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2024-01-31T17:07:33.455Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/errata/RHSA-2024:1860","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2024:1861","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2024:1862","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2024:1864","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2024:1866","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2024:1867","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2024:1868","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2024:2945","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2024:3752","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2024:3762","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2024:3919","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2024:3989","vendor":"Red Hat"},{"url":"https://access.redhat.com/security/cve/CVE-2024-1132","vendor":"Red Hat"}]
Threat ID: 690dcba503ca312466af76ad
Added to database: 11/07/2025, 10:36:21 UTC
Last enriched: 05/17/2026, 09:06:33 UTC
Last updated: 07/07/2026, 22:28:13 UTC
Views: 416
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.