csaf_certbund - wid-sec-w-2023-3156

wid-sec-w-2023-3156

Vulnerability from csaf_certbund

Published

2023-12-14 23:00

Modified

2024-02-13 23:00

Summary

Keycloak: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Keycloak ermöglicht Single Sign-On mit Identity and Access Management für moderne Anwendungen und Dienste. Red Hat Single Sign-On ist ein eigenständiger Server, basierend auf dem Keycloak Projekt.

Angriff

Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Keycloak ausnutzen, um Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service zu verursachen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Keycloak erm\u00f6glicht Single Sign-On mit Identity and Access Management f\u00fcr moderne Anwendungen und Dienste.\r\nRed Hat Single Sign-On ist ein eigenst\u00e4ndiger Server, basierend auf dem Keycloak Projekt.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Keycloak ausnutzen, um Sicherheitsvorkehrungen zu umgehen oder einen Denial of Service zu verursachen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-3156 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3156.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-3156 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3156"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisory vom 2023-12-14",
        "url": "https://access.redhat.com/errata/RHSA-2023:7854"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisory vom 2023-12-14",
        "url": "https://access.redhat.com/errata/RHSA-2023:7855"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisory vom 2023-12-14",
        "url": "https://access.redhat.com/errata/RHSA-2023:7856"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisory vom 2023-12-14",
        "url": "https://access.redhat.com/errata/RHSA-2023:7857"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisory vom 2023-12-14",
        "url": "https://access.redhat.com/errata/RHSA-2023:7858"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisory vom 2023-12-14",
        "url": "https://access.redhat.com/errata/RHSA-2023:7860"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisory vom 2023-12-14",
        "url": "https://access.redhat.com/errata/RHSA-2023:7861"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0799 vom 2024-02-14",
        "url": "https://access.redhat.com/errata/RHSA-2024:0799"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:0804 vom 2024-02-13",
        "url": "https://access.redhat.com/errata/RHSA-2024:0804"
      }
    ],
    "source_lang": "en-US",
    "title": "Keycloak: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-02-13T23:00:00.000+00:00",
      "generator": {
        "date": "2024-02-15T17:54:24.148+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.0"
        }
      },
      "id": "WID-SEC-W-2023-3156",
      "initial_release_date": "2023-12-14T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-12-14T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-02-13T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Keycloak",
            "product": {
              "name": "Open Source Keycloak",
              "product_id": "T024196",
              "product_identification_helper": {
                "cpe": "cpe:/a:keycloak:keycloak:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c 7.6.6",
                "product": {
                  "name": "Red Hat Single Sign On \u003c 7.6.6",
                  "product_id": "T031713",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:single_sign_on:7.6.6"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Single Sign On"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-6291",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Keycloak und Red Hat Single Sign On. Die Ursache ist ein Problem in der redirect_uri Validierungslogik. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsvorkehrungen zu umgehen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T024196"
        ]
      },
      "release_date": "2023-12-14T23:00:00Z",
      "title": "CVE-2023-6291"
    },
    {
      "cve": "CVE-2023-6563",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Keycloak und Red Hat Single Sign On. Unter bestimmten Umst\u00e4nden kann die Benutzeroberfl\u00e4che dazu gebracht werden, eine gro\u00dfe Anzahl von Offline-Client-Sitzungen zu laden, was zu einem \u00fcberm\u00e4\u00dfigen Speicher- und CPU-Verbrauch f\u00fchrt. Ein authentisierter Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "67646",
          "T024196"
        ]
      },
      "release_date": "2023-12-14T23:00:00Z",
      "title": "CVE-2023-6563"
    }
  ]
}

cve-2023-6563

Vulnerability from cvelistv5

Published

2023-12-14 18:01

Modified

2024-09-18 08:33

Severity ?

7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Summary

Keycloak: offline session token dos

References

▼	URL	Tags
	https://access.redhat.com/errata/RHSA-2023:7854	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7855	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7856	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7857	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7858	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2023-6563	vdb-entry, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2253308	issue-tracking, x_refsource_REDHAT
	https://github.com/keycloak/keycloak/issues/13340

Impacted products

▼	Vendor	Product
	Red Hat	Red Hat Single Sign-On 7.6 for RHEL 7
	Red Hat	Red Hat Single Sign-On 7.6 for RHEL 8
	Red Hat	Red Hat Single Sign-On 7.6 for RHEL 9
	Red Hat	RHEL-8 based Middleware Containers
	Red Hat	RHEL-8 based Middleware Containers
	Red Hat	Single Sign-On 7.6.6
	Red Hat	Red Hat Build of Keycloak

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:35:14.663Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2023:7854",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7854"
          },
          {
            "name": "RHSA-2023:7855",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7855"
          },
          {
            "name": "RHSA-2023:7856",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7856"
          },
          {
            "name": "RHSA-2023:7857",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7857"
          },
          {
            "name": "RHSA-2023:7858",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7858"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-6563"
          },
          {
            "name": "RHBZ#2253308",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253308"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/keycloak/keycloak/issues/13340"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:red_hat_single_sign_on:7.6::el7"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-sso7-keycloak",
          "product": "Red Hat Single Sign-On 7.6 for RHEL 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:18.0.11-2.redhat_00003.1.el7sso",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:red_hat_single_sign_on:7.6::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-sso7-keycloak",
          "product": "Red Hat Single Sign-On 7.6 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:18.0.11-2.redhat_00003.1.el8sso",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:red_hat_single_sign_on:7.6::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-sso7-keycloak",
          "product": "Red Hat Single Sign-On 7.6 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:18.0.11-2.redhat_00003.1.el9sso",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:rhosemc:1.0::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-sso-7/sso76-openshift-rhel8",
          "product": "RHEL-8 based Middleware Containers",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "7.6-38",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:rhosemc:1.0::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-sso-7/sso7-rhel8-operator-bundle",
          "product": "RHEL-8 based Middleware Containers",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "7.6.6-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
          "cpes": [
            "cpe:/a:redhat:red_hat_single_sign_on:7.6.6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "keycloak-core",
          "product": "Single Sign-On 7.6.6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:build_keycloak:"
          ],
          "defaultStatus": "affected",
          "packageName": "keycloak-core",
          "product": "Red Hat Build of Keycloak",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2023-12-14T00:00:00+00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An unconstrained memory consumption vulnerability was discovered in Keycloak. It can be triggered in environments which have millions of offline tokens (\u003e 500,000 users with each having at least 2 saved sessions). If an attacker creates two or more user sessions and then open the \"consents\" tab of the admin User Interface, the UI attempts to load a huge number of offline client sessions leading to excessive memory and CPU consumption which could potentially crash the entire system."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-18T08:33:37.699Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2023:7854",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7854"
        },
        {
          "name": "RHSA-2023:7855",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7855"
        },
        {
          "name": "RHSA-2023:7856",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7856"
        },
        {
          "name": "RHSA-2023:7857",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7857"
        },
        {
          "name": "RHSA-2023:7858",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7858"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-6563"
        },
        {
          "name": "RHBZ#2253308",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253308"
        },
        {
          "url": "https://github.com/keycloak/keycloak/issues/13340"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-12-06T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-12-14T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Keycloak: offline session token dos",
      "workarounds": [
        {
          "lang": "en",
          "value": "There are three main options to prevent exploitation:\n1) If you are using a reverse proxy, block the consents URL.\n2) This option is less effective: remove the consents application tab from the account console theme.\n3) This option has a significant negative impact on end users: entirely disable offline user profiles."
        }
      ],
      "x_redhatCweChain": "CWE-770: Allocation of Resources Without Limits or Throttling"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-6563",
    "datePublished": "2023-12-14T18:01:26.005Z",
    "dateReserved": "2023-12-06T18:47:35.594Z",
    "dateUpdated": "2024-09-18T08:33:37.699Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-6291

Vulnerability from cvelistv5

Published

2024-01-26 14:23

Modified

2024-11-13 14:56

Severity ?

7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Summary

Keycloak: redirect_uri validation bypass

References

▼	URL	Tags
	https://access.redhat.com/errata/RHSA-2023:7854	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7855	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7856	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7857	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7858	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7860	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7861	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:0798	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:0799	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:0800	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:0801	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:0804	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2023-6291	vdb-entry, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2251407	issue-tracking, x_refsource_REDHAT

Impacted products

▼	Vendor	Product
	Red Hat	Red Hat build of Keycloak 22
	Red Hat	Red Hat build of Keycloak 22
	Red Hat	Red Hat build of Keycloak 22
	Red Hat	Red Hat build of Keycloak 22.0.7
	Red Hat	Red Hat Single Sign-On 7
	Red Hat	Red Hat Single Sign-On 7.6 for RHEL 7
	Red Hat	Red Hat Single Sign-On 7.6 for RHEL 7
	Red Hat	Red Hat Single Sign-On 7.6 for RHEL 8
	Red Hat	Red Hat Single Sign-On 7.6 for RHEL 8
	Red Hat	Red Hat Single Sign-On 7.6 for RHEL 9
	Red Hat	Red Hat Single Sign-On 7.6 for RHEL 9
	Red Hat	RHEL-8 based Middleware Containers
	Red Hat	RHEL-8 based Middleware Containers
	Red Hat	RHEL-8 based Middleware Containers
	Red Hat	Single Sign-On 7.6.6
	Red Hat	Migration Toolkit for Applications 6
	Red Hat	Migration Toolkit for Applications 7
	Red Hat	OpenShift Serverless
	Red Hat	Red Hat Data Grid 8
	Red Hat	Red Hat Decision Manager 7
	Red Hat	Red Hat Fuse 7
	Red Hat	Red Hat JBoss Data Grid 7
	Red Hat	Red Hat JBoss Enterprise Application Platform 6
	Red Hat	Red Hat Process Automation 7

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:28:21.867Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2023:7854",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7854"
          },
          {
            "name": "RHSA-2023:7855",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7855"
          },
          {
            "name": "RHSA-2023:7856",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7856"
          },
          {
            "name": "RHSA-2023:7857",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7857"
          },
          {
            "name": "RHSA-2023:7858",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7858"
          },
          {
            "name": "RHSA-2023:7860",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7860"
          },
          {
            "name": "RHSA-2023:7861",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7861"
          },
          {
            "name": "RHSA-2024:0798",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0798"
          },
          {
            "name": "RHSA-2024:0799",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0799"
          },
          {
            "name": "RHSA-2024:0800",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0800"
          },
          {
            "name": "RHSA-2024:0801",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0801"
          },
          {
            "name": "RHSA-2024:0804",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0804"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-6291"
          },
          {
            "name": "RHBZ#2251407",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251407"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-6291",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T14:56:46.143772Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T14:56:59.598Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:build_keycloak:22::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhbk/keycloak-operator-bundle",
          "product": "Red Hat build of Keycloak 22",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "22.0.7-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:build_keycloak:22::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhbk/keycloak-rhel9",
          "product": "Red Hat build of Keycloak 22",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "22-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:build_keycloak:22::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhbk/keycloak-rhel9-operator",
          "product": "Red Hat build of Keycloak 22",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "22-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
          "cpes": [
            "cpe:/a:redhat:build_keycloak:22"
          ],
          "defaultStatus": "unaffected",
          "packageName": "keycloak",
          "product": "Red Hat build of Keycloak 22.0.7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:red_hat_single_sign_on:7.6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "keycloak",
          "product": "Red Hat Single Sign-On 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:red_hat_single_sign_on:7.6::el7"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-sso7-keycloak",
          "product": "Red Hat Single Sign-On 7.6 for RHEL 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:18.0.11-2.redhat_00003.1.el7sso",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:red_hat_single_sign_on:7.6::el7"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-sso7-keycloak",
          "product": "Red Hat Single Sign-On 7.6 for RHEL 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:18.0.12-1.redhat_00001.1.el7sso",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:red_hat_single_sign_on:7.6::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-sso7-keycloak",
          "product": "Red Hat Single Sign-On 7.6 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:18.0.11-2.redhat_00003.1.el8sso",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:red_hat_single_sign_on:7.6::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-sso7-keycloak",
          "product": "Red Hat Single Sign-On 7.6 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:18.0.12-1.redhat_00001.1.el8sso",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:red_hat_single_sign_on:7.6::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-sso7-keycloak",
          "product": "Red Hat Single Sign-On 7.6 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:18.0.11-2.redhat_00003.1.el9sso",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:red_hat_single_sign_on:7.6::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-sso7-keycloak",
          "product": "Red Hat Single Sign-On 7.6 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:18.0.12-1.redhat_00001.1.el9sso",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:rhosemc:1.0::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-sso-7/sso76-openshift-rhel8",
          "product": "RHEL-8 based Middleware Containers",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "7.6-38",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:rhosemc:1.0::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-sso-7/sso7-rhel8-operator-bundle",
          "product": "RHEL-8 based Middleware Containers",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "7.6.6-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:rhosemc:1.0::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-sso-7/sso76-openshift-rhel8",
          "product": "RHEL-8 based Middleware Containers",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "7.6-41",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
          "cpes": [
            "cpe:/a:redhat:red_hat_single_sign_on:7.6.6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "keycloak",
          "product": "Single Sign-On 7.6.6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:migration_toolkit_applications:6"
          ],
          "defaultStatus": "affected",
          "packageName": "keycloak",
          "product": "Migration Toolkit for Applications 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:migration_toolkit_applications:7"
          ],
          "defaultStatus": "affected",
          "packageName": "keycloak",
          "product": "Migration Toolkit for Applications 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:serverless:1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "keycloak",
          "product": "OpenShift Serverless",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:jboss_data_grid:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "keycloak",
          "product": "Red Hat Data Grid 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:jboss_enterprise_brms_platform:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "keycloak",
          "product": "Red Hat Decision Manager 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:jboss_fuse:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "keycloak",
          "product": "Red Hat Fuse 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
          "cpes": [
            "cpe:/a:redhat:jboss_data_grid:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "keycloak",
          "product": "Red Hat JBoss Data Grid 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
          "cpes": [
            "cpe:/a:redhat:jboss_enterprise_application_platform:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rh-sso7-keycloak",
          "product": "Red Hat JBoss Enterprise Application Platform 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "keycloak",
          "product": "Red Hat Process Automation 7",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2023-12-14T00:00:00+00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the redirect_uri validation logic in Keycloak. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to an access token being stolen, making it possible for the attacker to impersonate other users."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-601",
              "description": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-22T00:47:04.973Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2023:7854",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7854"
        },
        {
          "name": "RHSA-2023:7855",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7855"
        },
        {
          "name": "RHSA-2023:7856",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7856"
        },
        {
          "name": "RHSA-2023:7857",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7857"
        },
        {
          "name": "RHSA-2023:7858",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7858"
        },
        {
          "name": "RHSA-2023:7860",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7860"
        },
        {
          "name": "RHSA-2023:7861",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7861"
        },
        {
          "name": "RHSA-2024:0798",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0798"
        },
        {
          "name": "RHSA-2024:0799",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0799"
        },
        {
          "name": "RHSA-2024:0800",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0800"
        },
        {
          "name": "RHSA-2024:0801",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0801"
        },
        {
          "name": "RHSA-2024:0804",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0804"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-6291"
        },
        {
          "name": "RHBZ#2251407",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251407"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-11-24T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-12-14T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Keycloak: redirect_uri validation bypass",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-6291",
    "datePublished": "2024-01-26T14:23:43.185Z",
    "dateReserved": "2023-11-24T18:16:45.923Z",
    "dateUpdated": "2024-11-13T14:56:59.598Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

wid-sec-w-2023-3156

Vulnerability from csaf_certbund

cve-2023-6563

Vulnerability from cvelistv5

cve-2023-6291

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature