GSD-2023-0091
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-0091",
"id": "GSD-2023-0091",
"references": [
"https://access.redhat.com/errata/RHSA-2023:1043",
"https://access.redhat.com/errata/RHSA-2023:1044",
"https://access.redhat.com/errata/RHSA-2023:1045",
"https://access.redhat.com/errata/RHSA-2023:1047",
"https://access.redhat.com/errata/RHSA-2023:1049"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-0091"
],
"details": "A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.",
"id": "GSD-2023-0091",
"modified": "2023-12-13T01:20:23.103675Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2023-0091",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Keycloak",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected",
"versions": [
{
"status": "unknown",
"version": "n/a"
}
]
}
}
]
}
}
]
},
"vendor_name": "redhat.com"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://access.redhat.com/security/cve/CVE-2023-0091",
"refsource": "MISC",
"url": "https://access.redhat.com/security/cve/CVE-2023-0091"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "(,20.0.2]",
"affected_versions": "All versions up to 20.0.2",
"cwe_ids": [
"CWE-1035",
"CWE-937"
],
"date": "2023-01-12",
"description": "When a service account with the create-client or manage-clients role can use the client-registration endpoints to create/manage clients with an access token.\n\nIf the access token is leaked, there is an option to revoke the specific token. However, the check is not performed in client-registration endpoints.",
"fixed_versions": [
"20.0.3"
],
"identifier": "GMS-2023-37",
"identifiers": [
"GHSA-v436-q368-hvgg",
"GMS-2023-37",
"CVE-2023-0091"
],
"not_impacted": "All versions after 20.0.2",
"package_slug": "maven/org.keycloak/keycloak-core",
"pubdate": "2023-01-12",
"solution": "Upgrade to version 20.0.3 or above.",
"title": "Keycloak has lack of validation of access token on client registrations endpoint",
"urls": [
"https://github.com/keycloak/keycloak/security/advisories/GHSA-v436-q368-hvgg",
"https://github.com/advisories/GHSA-v436-q368-hvgg"
],
"uuid": "7a91f54d-13b7-43a4-8271-8b28e010228c"
},
{
"affected_range": "(,)",
"affected_versions": "All versions",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-863",
"CWE-937"
],
"date": "2023-02-22",
"description": "A flaw was found in Keycloak, where it does not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.",
"fixed_versions": [],
"identifier": "CVE-2023-0091",
"identifiers": [
"CVE-2023-0091"
],
"not_impacted": "",
"package_slug": "maven/org.keycloak/keycloak-parent",
"pubdate": "2023-01-13",
"solution": "Unfortunately, there is no solution available.",
"title": "Incorrect Authorization",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2023-0091",
"https://access.redhat.com/security/cve/CVE-2023-0091"
],
"uuid": "3ba73c43-eb2b-4e7c-ae21-4d7a56d9862e"
},
{
"affected_range": "",
"affected_versions": "All versions",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-863",
"CWE-937"
],
"date": "2023-02-22",
"description": "A flaw was found in Keycloak, where it does not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.",
"fixed_versions": [],
"identifier": "CVE-2023-0091",
"identifiers": [
"CVE-2023-0091"
],
"not_impacted": "",
"package_slug": "npm/keycloak-connect",
"pubdate": "2023-01-13",
"solution": "Unfortunately, there is no solution available yet.",
"title": "Incorrect Authorization",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2023-0091",
"https://access.redhat.com/security/cve/CVE-2023-0091"
],
"uuid": "f1067cce-5ed1-4131-b4b7-23c06e151d85"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:keycloak:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2023-0091"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://access.redhat.com/security/cve/CVE-2023-0091",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-0091"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 2.5
}
},
"lastModifiedDate": "2023-02-22T17:07Z",
"publishedDate": "2023-01-13T06:15Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…