1. Home
  2. Vulnerabilities
  3. CVE-2023-6544

CVE-2023-6544

CVSS v3.1 5.4 (Medium)
54% Progress
EPSS 0.04 % (14th)
0.04% Progress
Advisories 1
NVD Status Awaiting Analysis
Info CVSS EPSS References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

A flaw was found in the Keycloak package. This issue occurs due to a permissive regular expression hardcoded for filtering which allows hosts to register a dynamic client. A malicious user with enough information about the environment could jeopardize an environment with this specific Dynamic Client Registration and TrustedDomain configuration previously unauthorized.

Weaknesses
CWE-625
Permissive Regular Expression
CVE Status
PUBLISHED
NVD Status
Awaiting Analysis
CNA
Red Hat, Inc.
Published Date
2024-04-25 16:15:10
(4 months ago)
Updated Date
2024-04-25 17:24:59
(4 months ago)