CVE-2023-6291

CWE-601 — Open Redirect CWE-20 — Improper Input Validation7 documents6 sources

Severity

7.1HIGH

EPSS

0.2%

top 60.31%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Keycloak Redhat Migration Toolkit FOR Applications Redhat Openshift Container Platform +4 more

Timeline

PublishedJan 26

Latest updateJun 24

Description

A flaw was found in the redirect_uri validation logic in Keycloak. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to an access token being stolen, making it possible for the attacker to impersonate other users.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:LExploitability: 2.8 | Impact: 3.7

Affected Packages4 packages

▶NVDredhat/keycloak< 22.0.7

▶Mavenorg.keycloak:keycloak-services< 23.0.3

▶NVDredhat/single_sign-on7.6

▶NVDredhat/migration_toolkit6.0, 7.0+1

Also affects: Openshift Container Platform 4.11, 4.12, 4.10, 4.9

🔴Vulnerability Details

CVEList

Keycloak: redirect_uri validation bypass↗2024-01-26

▶

OSV

The redirect_uri validation logic allows for bypassing explicitly allowed hosts that would otherwise be restricted↗2023-12-21

▶

GHSA

The redirect_uri validation logic allows for bypassing explicitly allowed hosts that would otherwise be restricted↗2023-12-21

▶

📋Vendor Advisories

Chrome

Stable Channel Update for Desktop: CVE-2024-6290↗2024-06-24

▶

Red Hat

keycloak: path traversal in the redirect validation↗2024-04-16

▶

Red Hat

keycloak: redirect_uri validation bypass↗2023-12-14

▶