CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
AI Score
Confidence
Low
EPSS
Percentile
13.0%
A flaw was found in the Keycloak package. This issue occurs due to a permissive regular expression hardcoded for filtering which allows hosts to register a dynamic client. A malicious user with enough information about the environment could jeopardize an environment with this specific Dynamic Client Registration and TrustedDomain configuration previously unauthorized.
[
{
"vendor": "Red Hat",
"product": "Red Hat build of Keycloak 22",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "rhbk/keycloak-operator-bundle",
"defaultStatus": "affected",
"versions": [
{
"version": "22.0.10-1",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:build_keycloak:22::el9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat build of Keycloak 22",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "rhbk/keycloak-rhel9",
"defaultStatus": "affected",
"versions": [
{
"version": "22-13",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:build_keycloak:22::el9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat build of Keycloak 22",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "rhbk/keycloak-rhel9-operator",
"defaultStatus": "affected",
"versions": [
{
"version": "22-16",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:build_keycloak:22::el9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat build of Keycloak 22.0.10",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"defaultStatus": "unaffected",
"packageName": "keycloak-core",
"cpes": [
"cpe:/a:redhat:build_keycloak:22"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Single Sign-On 7.6 for RHEL 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "rh-sso7-keycloak",
"defaultStatus": "affected",
"versions": [
{
"version": "0:18.0.13-1.redhat_00001.1.el7sso",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:red_hat_single_sign_on:7.6::el7"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Single Sign-On 7.6 for RHEL 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "rh-sso7-keycloak",
"defaultStatus": "affected",
"versions": [
{
"version": "0:18.0.13-1.redhat_00001.1.el8sso",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:red_hat_single_sign_on:7.6::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Single Sign-On 7.6 for RHEL 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "rh-sso7-keycloak",
"defaultStatus": "affected",
"versions": [
{
"version": "0:18.0.13-1.redhat_00001.1.el9sso",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:red_hat_single_sign_on:7.6::el9"
]
},
{
"vendor": "Red Hat",
"product": "RHEL-8 based Middleware Containers",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "rh-sso-7/sso76-openshift-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "7.6-46",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhosemc:1.0::el8"
]
},
{
"vendor": "Red Hat",
"product": "RHSSO 7.6.8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"defaultStatus": "unaffected",
"packageName": "keycloak-core",
"cpes": [
"cpe:/a:redhat:red_hat_single_sign_on:7.6"
]
}
]
access.redhat.com/errata/RHSA-2024:1860
access.redhat.com/errata/RHSA-2024:1861
access.redhat.com/errata/RHSA-2024:1862
access.redhat.com/errata/RHSA-2024:1864
access.redhat.com/errata/RHSA-2024:1866
access.redhat.com/errata/RHSA-2024:1867
access.redhat.com/errata/RHSA-2024:1868
access.redhat.com/security/cve/CVE-2023-6544
bugzilla.redhat.com/show_bug.cgi?id=2253116