← volver
CVE-2023-6927

Keycloak: open redirect via "form_post.jwt" jarm response mode

CVSS 4.6 MEDIUMEPSS 1.1%CWE-601
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 4.6EPSS 1.1%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
18 dic 2023Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A flaw was found in Keycloak. This issue may allow an attacker to steal authorization codes or tokens from clients using a wildcard in the JARM response mode "form_post.jwt" which could be used to bypass the security patch implemented to address CVE-2023-6134.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
Productos afectados
Red Hat · Red Hat build of Keycloak 22Red Hat · Red Hat build of Keycloak 22.0.8Red Hat · Red Hat Single Sign-On 7Red Hat · Red Hat Single Sign-On 7.6 for RHEL 7Red Hat · Red Hat Single Sign-On 7.6 for RHEL 8Red Hat · Red Hat Single Sign-On 7.6 for RHEL 9Red Hat · RHEL-8 based Middleware ContainersRed Hat · Single Sign-On 7.6.6

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://access.redhat.com/errata/RHSA-2024:0094https://access.redhat.com/errata/RHSA-2024:0095https://access.redhat.com/errata/RHSA-2024:0096https://access.redhat.com/errata/RHSA-2024:0097https://access.redhat.com/errata/RHSA-2024:0098https://access.redhat.com/errata/RHSA-2024:0100https://access.redhat.com/errata/RHSA-2024:0101https://access.redhat.com/errata/RHSA-2024:0798https://access.redhat.com/errata/RHSA-2024:0799https://access.redhat.com/errata/RHSA-2024:0800https://access.redhat.com/errata/RHSA-2024:0801https://access.redhat.com/errata/RHSA-2024:0804