Lucene search
RedhatCVELIST:CVE-2023-0105HistoryJan 11, 2023 - 8:46 p.m.
CVE-2023-0105
2023-01-1120:46:51
redhat
www.cve.org
2
cve-2023-0105
keycloak
email trust
impersonation
lockout
A flaw was found in Keycloak. This flaw allows impersonation and lockout due to the email trust not being handled correctly in Keycloak. An attacker can shadow other users with the same email and lockout or impersonate them.
CNA Affected
[
{
"vendor": "redhat.com",
"product": "Keycloak",
"defaultStatus": "unaffected",
"versions": [
{
"version": "n/a",
"status": "unknown"
}
]
}
]Related
cve
cve
CVE-2023-0105
2023-01-13 06:15:11
redhatcve
redhatcve
CVE-2023-0105
2023-01-06 22:34:54
osv
osv
veracode
veracode
Insecure Permissions
2023-01-20 01:24:18
github
github
nvd
nvd
CVE-2023-0105
2023-01-13 06:15:11
prion
prion
Design/Logic Flaw
2023-01-13 06:15:00
redhat
redhat
(RHSA-2023:7482) Important: Red Hat Single Sign-On 7.6.6 security update on RHEL 7
2023-11-24 16:48:38
(RHSA-2023:7486) Important: Red Hat Single Sign-On 7.6.6 for OpenShift image enhancement and security update
2023-11-24 16:49:37
(RHSA-2023:7488) Important: Red Hat Single Sign-On 7.6.6 security update
2023-11-24 16:56:27
nessus
nessus
