Bug 2166728 (CVE-2023-0657) - CVE-2023-0657 keycloak: impersonation via logout token exchange
Summary: CVE-2023-0657 keycloak: impersonation via logout token exchange
Keywords:
Status: NEW
Alias: CVE-2023-0657
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: low
Severity: low
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 2164604
Reported: 2023-02-02 18:50 UTC by Chess Hazlett
Modified: 2024-04-16 20:27 UTC (History)

Fixed In Version:
Doc Type: ---
Doc Text:
A flaw was found in Keycloak. Token types are not properly enforced when token signatures are validated locally, so a validly signed token of one type can be accepted where a different type is required. This could allow an authenticated attacker to exchange a logout token for an access token and possibly gain access to data outside of enforced permissions.
Clone Of:
Environment:
Last Closed:
Embargoed:




Links
Red Hat Product Errata RHSA-2024:1867 (last updated 2024-04-16 20:27:05 UTC)
Red Hat Product Errata RHSA-2024:1868 (last updated 2024-04-16 20:26:24 UTC)

Description Chess Hazlett 2023-02-02 18:50:09 UTC
Keycloak was found to not properly enforce token types when validating signatures locally. An authenticated attacker could use this flaw to exchange a logout token for an access token and possibly gain access to data outside of enforced permissions.
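The flaw class described in this report is a verifier that checks a token's signature locally but not which kind of token it was handed. The following is an editor-added example, not Keycloak's code and not part of the original report. It builds a minimal HS256 JWT issuer and verifier so that it runs offline (Keycloak signs with an asymmetric realm key in practice; the shared secret, issuer URL, subject names and the `typ` values "Bearer" and "Logout" are assumptions for illustration), then shows a token-exchange endpoint that accepts a validly signed logout token as a subject token beside a hardened one that also requires the expected `typ` claim.

```python
"""Token-type enforcement on locally verified JWTs (editor-added example).

Assumptions: HS256 with a constructed shared secret stands in for the
realm's RS256 key; the "typ" claim values follow Keycloak's convention
("Bearer" for access tokens, "Logout" for back-channel logout tokens).
"""
import base64
import hashlib
import hmac
import json

SECRET = b"demo-realm-signing-secret"  # constructed demo secret, not a real key
ISSUER = "https://idp.example/realms/demo"  # hypothetical issuer URL

TYPE_BEARER = "Bearer"  # typ claim on an access token (assumption)
TYPE_LOGOUT = "Logout"  # typ claim on a logout token (assumption)


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign_jwt(claims: dict, secret: bytes = SECRET) -> str:
    """Issue a compact HS256 JWT over the given claims (stands in for the IdP)."""
    header = {"alg": "HS256", "typ": "JWT"}
    body = ".".join(_b64url(json.dumps(part, separators=(",", ":")).encode())
                    for part in (header, claims))
    sig = hmac.new(secret, body.encode(), hashlib.sha256).digest()
    return body + "." + _b64url(sig)


def make_token(sub: str, typ: str, now: int, ttl: int = 300) -> str:
    """Mint a token of the given type for a subject; 'now' is injected for determinism."""
    return sign_jwt({"iss": ISSUER, "sub": sub, "typ": typ, "iat": now, "exp": now + ttl})


def verify_locally(token: str, now: int, secret: bytes = SECRET) -> dict:
    """Local validation only: algorithm pin, signature, expiry. Returns the claims.
    Deliberately says nothing about token type; that is the caller's job."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    h64, p64, s64 = parts
    header = json.loads(_b64url_decode(h64))
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(secret, f"{h64}.{p64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(s64)):
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(p64))
    if claims.get("exp", 0) <= now:
        raise ValueError("expired")
    return claims


def exchange_vulnerable(subject_token: str, now: int) -> str:
    """The flaw: any validly signed realm token is honoured as a subject token,
    so a logout token is exchanged for a fresh access token."""
    claims = verify_locally(subject_token, now)
    return make_token(claims["sub"], TYPE_BEARER, now)


def exchange_fixed(subject_token: str, now: int, expected_typ: str = TYPE_BEARER) -> str:
    """Hardened: signature validity is necessary but not sufficient; the token
    must also be of the type this endpoint is allowed to consume."""
    claims = verify_locally(subject_token, now)
    if claims.get("typ") != expected_typ:
        raise PermissionError(f"subject token typ {claims.get('typ')!r}, expected {expected_typ!r}")
    return make_token(claims["sub"], TYPE_BEARER, now)


def demo(now: int = 1_700_000_000) -> dict:
    """Run the scenario: a logout token presented to both exchange endpoints,
    plus a genuine access token and a tampered one against the fixed endpoint."""
    logout_tok = make_token("alice", TYPE_LOGOUT, now)
    access_tok = make_token("alice", TYPE_BEARER, now)
    out = {}
    out["vulnerable_accepts_logout"] = (
        verify_locally(exchange_vulnerable(logout_tok, now), now)["typ"] == TYPE_BEARER)
    try:
        exchange_fixed(logout_tok, now)
        out["fixed_accepts_logout"] = True
    except PermissionError:
        out["fixed_accepts_logout"] = False
    out["fixed_accepts_bearer"] = (
        verify_locally(exchange_fixed(access_tok, now), now)["sub"] == "alice")
    try:
        exchange_fixed(access_tok + "x", now)  # corrupt the signature segment
        out["tampered_accepted"] = True
    except ValueError:
        out["tampered_accepted"] = False
    return out


if __name__ == "__main__":
    print(demo())
```

The point of the split between `verify_locally` and the two exchange functions is that a shared signature verifier cannot know what its caller intends to do with the token; every consumer that validates locally has to pin the `typ` (and, in a real deployment, `iss`, `aud` and `azp`) it is willing to accept, because a logout token, an ID token and an access token from the same realm all carry an equally valid signature.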

Comment 7 errata-xmlrpc 2024-04-16 20:26:22 UTC
This issue has been addressed in the following products:

  Red Hat build of Keycloak 22.0.10

Via RHSA-2024:1868 https://access.redhat.com/errata/RHSA-2024:1868

Comment 8 errata-xmlrpc 2024-04-16 20:27:04 UTC
This issue has been addressed in the following products:

  Red Hat build of Keycloak 22

Via RHSA-2024:1867 https://access.redhat.com/errata/RHSA-2024:1867

