Lucene search
RedhatCVE-2023-6927HistoryDec 18, 2023 - 11:15 p.m.
CVE-2023-6927
2023-12-1823:15:10
CWE-601
redhat
web.nvd.nist.gov
85
keycloak
flaw
theft
tokens
wildcard
jarm
security patch
cve-2023-6927
cve-2023-6134
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
51.4%
A flaw was found in Keycloak. This issue may allow an attacker to steal authorization codes or tokens from clients using a wildcard in the JARM response mode “form_post.jwt” which could be used to bypass the security patch implemented to address CVE-2023-6134.
Affected configurations
Node
redhatkeycloakMatch-
Node
redhatsingle_sign-onMatch7.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | keycloak | - | cpe:2.3:a:redhat:keycloak:-:*:*:*:*:*:*:* |
| redhat | single_sign-on | 7.0 | cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Red Hat",
"product": "Red Hat build of Keycloak 22",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "rhbk/keycloak-rhel9",
"defaultStatus": "affected",
"versions": [
{
"version": "22-7",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:build_keycloak:22::el9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat build of Keycloak 22.0.8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"defaultStatus": "unaffected",
"packageName": "keycloak-core",
"cpes": [
"cpe:/a:redhat:build_keycloak:22"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Single Sign-On 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"defaultStatus": "unaffected",
"packageName": "keycloak-core",
"cpes": [
"cpe:/a:redhat:red_hat_single_sign_on:7.6"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Single Sign-On 7.6 for RHEL 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "rh-sso7-keycloak",
"defaultStatus": "affected",
"versions": [
{
"version": "0:18.0.11-3.redhat_00001.1.el7sso",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:red_hat_single_sign_on:7.6::el7"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Single Sign-On 7.6 for RHEL 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "rh-sso7-keycloak",
"defaultStatus": "affected",
"versions": [
{
"version": "0:18.0.12-1.redhat_00001.1.el7sso",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:red_hat_single_sign_on:7.6::el7"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Single Sign-On 7.6 for RHEL 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "rh-sso7-keycloak",
"defaultStatus": "affected",
"versions": [
{
"version": "0:18.0.11-3.redhat_00001.1.el8sso",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:red_hat_single_sign_on:7.6::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Single Sign-On 7.6 for RHEL 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "rh-sso7-keycloak",
"defaultStatus": "affected",
"versions": [
{
"version": "0:18.0.12-1.redhat_00001.1.el8sso",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:red_hat_single_sign_on:7.6::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Single Sign-On 7.6 for RHEL 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "rh-sso7-keycloak",
"defaultStatus": "affected",
"versions": [
{
"version": "0:18.0.11-3.redhat_00001.1.el9sso",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:red_hat_single_sign_on:7.6::el9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Single Sign-On 7.6 for RHEL 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "rh-sso7-keycloak",
"defaultStatus": "affected",
"versions": [
{
"version": "0:18.0.12-1.redhat_00001.1.el9sso",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:red_hat_single_sign_on:7.6::el9"
]
},
{
"vendor": "Red Hat",
"product": "RHEL-8 based Middleware Containers",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "rh-sso-7/sso76-openshift-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "7.6-39",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhosemc:1.0::el8"
]
},
{
"vendor": "Red Hat",
"product": "RHEL-8 based Middleware Containers",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "rh-sso-7/sso76-openshift-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "7.6-41",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhosemc:1.0::el8"
]
},
{
"vendor": "Red Hat",
"product": "Single Sign-On 7.6.6",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"defaultStatus": "unaffected",
"packageName": "keycloak-core",
"cpes": [
"cpe:/a:redhat:red_hat_single_sign_on:7.6.6"
]
}
]References
access.redhat.com/errata/RHSA-2024:0094
access.redhat.com/errata/RHSA-2024:0095
access.redhat.com/errata/RHSA-2024:0096
access.redhat.com/errata/RHSA-2024:0097
access.redhat.com/errata/RHSA-2024:0098
access.redhat.com/errata/RHSA-2024:0100
access.redhat.com/errata/RHSA-2024:0101
access.redhat.com/errata/RHSA-2024:0798
access.redhat.com/errata/RHSA-2024:0799
access.redhat.com/errata/RHSA-2024:0800
access.redhat.com/errata/RHSA-2024:0801
access.redhat.com/errata/RHSA-2024:0804
access.redhat.com/security/cve/CVE-2023-6927
bugzilla.redhat.com/show_bug.cgi?id=2255027
Related
redhatcve
redhatcve
osv
osv
CVE-2023-6927
2023-12-18 23:15:10
Keycloak Open Redirect vulnerability
2023-12-19 00:30:21
Keycloak vulnerable to reflected XSS via wildcard in OIDC redirect_uri
2023-12-18 19:31:02
prion
prion
Design/Logic Flaw
2023-12-18 23:15:00
Authentication flaw
2023-12-18 17:15:00
Cross site scripting
2023-12-14 22:15:00
nvd
nvd
github
github
Keycloak Open Redirect vulnerability
2023-12-19 00:30:21
Keycloak vulnerable to reflected XSS via wildcard in OIDC redirect_uri
2023-12-18 19:31:02
keycloak-core: open redirect via "form_post.jwt" JARM response mode
2024-01-23 14:43:50
cvelist
cvelist
CVE-2023-6927 Keycloak: open redirect via "form_post.jwt" jarm response mode
2023-12-18 22:59:07
CVE-2023-6134 Keycloak: reflected xss via wildcard in oidc redirect_uri
2023-12-14 21:42:12
redhat
redhat
nessus
nessus
cve
cve
CVE-2023-6920
2023-12-18 17:15:11
CVE-2023-6134
2023-12-14 22:15:44
veracode
veracode
Cross-Site Scripting (XSS)
2023-12-19 06:59:21
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
51.4%
Related for CVE-2023-6927