CVE-2023-6787

Summary

A flaw was found in Keycloak that occurs from an error in the re-authentication mechanism within org.keycloak.authentication. This flaw allows hijacking an active Keycloak session by triggering a new authentication process with the query parameter "prompt=login," prompting the user to re-enter their credentials. If the user cancels this re-authentication by selecting "Restart login," an account takeover may occur, as the new session, with a different SUB, will possess the same SID as the previous session.

Affected Software

VendorProductVersion RangeStatus
0 < 22.0.10affected
0 < 24.0.3affected
Red HatRed Hat build of Keycloak 2222.0.10-1 < *unaffected
Red HatRed Hat build of Keycloak 2222-13 < *unaffected
Red HatRed Hat build of Keycloak 2222-16 < *unaffected

Weaknesses

  • CWE-287: Improper Authentication

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References