Keycloak's OpenID Connect user authentication was found to incorrectly authenticate requests. An authenticated attacker who could also obtain a certain piece of info from a user request, from a victim within the same realm, could use that data to impersonate the victim and generate new session tokens.
This issue has been addressed in the following products: Red Hat Single Sign-On 7.6 for RHEL 7 Via RHSA-2023:1043 https://access.redhat.com/errata/RHSA-2023:1043
This issue has been addressed in the following products: Red Hat Single Sign-On 7.6 for RHEL 8 Via RHSA-2023:1044 https://access.redhat.com/errata/RHSA-2023:1044
This issue has been addressed in the following products: Red Hat Single Sign-On 7.6 for RHEL 9 Via RHSA-2023:1045 https://access.redhat.com/errata/RHSA-2023:1045
This issue has been addressed in the following products: RHEL-8 based Middleware Containers Via RHSA-2023:1047 https://access.redhat.com/errata/RHSA-2023:1047
This issue has been addressed in the following products: Red Hat Single Sign-On Via RHSA-2023:1049 https://access.redhat.com/errata/RHSA-2023:1049
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2023-0264