CVE-2023-6544
CVSS v3.1
5.4 (Medium)
EPSS
0.04 % (14th)
Advisories
1
NVD Status
Awaiting Analysis
A flaw was found in the Keycloak package. This issue occurs due to a permissive regular expression hardcoded for filtering which allows hosts to register a dynamic client. A malicious user with enough information about the environment could jeopardize an environment with this specific Dynamic Client Registration and TrustedDomain configuration previously unauthorized.
Weaknesses
- CWE-625
- Permissive Regular Expression
- CVE Status
- PUBLISHED
- NVD Status
- Awaiting Analysis
- CNA
- Red Hat, Inc.
- Published Date
-
2024-04-25 16:15:10
(4 months ago) - Updated Date
-
2024-04-25 17:24:59
(4 months ago)
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...