CVE-2023-0264
CVSS v3.1
5 (Medium)
EPSS
0.05 % (19th)
Affected Products
6
Advisories
1
A flaw was found in Keycloaks OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, integrity, and availability.
Weaknesses
- CWE-287
- Improper Authentication
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2023-08-04 18:15:11
(13 months ago) - Updated Date
-
2023-08-14 18:14:02
(13 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
AND |
|
---|
Configuration #3
AND |
|
---|
Configuration #4
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...