CVE-2023-6563: Keycloak: offline session token dos
First published: Wed Dec 06 2023(Updated: )
A vulnerability has been discovered in the way RH-SSO handles offline tokens, which can be exploited to cause a denial of service via memory exhaustion. The issue is caused by the way how the server processes offline tokens. An attacker can exploit this vulnerability by creating just two offline tokens. Once these tokens are created, the attacker can interact with the endpoint by triggering a list of the multiple sessions of the user. In environments where there could be potentially millions of offline tokens created by all users, this action leads to an excessive consumption of server memory.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Redhat Keycloak | <21.0.0 | |
| All of | ||
| Redhat Single Sign-on | =7.6 | |
| Any of | ||
| Redhat Enterprise Linux | =7.0 | |
| Redhat Enterprise Linux | =8.0 | |
| Redhat Enterprise Linux | =9.0 | |
| Redhat Single Sign-on | ||
| All of | ||
| Any of | ||
| Redhat Openshift Container Platform | =4.11 | |
| Redhat Openshift Container Platform | =4.12 | |
| Redhat Enterprise Linux | =8.0 | |
| All of | ||
| Any of | ||
| Redhat Openshift Container Platform For Power | =4.9 | |
| Redhat Openshift Container Platform For Power | =4.10 | |
| Redhat Enterprise Linux | =8.0 | |
| All of | ||
| Any of | ||
| Redhat Openshift Container Platform For Ibm Linuxone | =4.9 | |
| Redhat Openshift Container Platform For Ibm Linuxone | =4.10 | |
| Redhat Enterprise Linux | =8.0 | |
| maven/org.keycloak:keycloak-model-jpa | <21.0.0 | 21.0.0 |
| redhat/keycloak | <21.0.0 | 21.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://access.redhat.com/errata/RHSA-2023:7854
- https://access.redhat.com/errata/RHSA-2023:7855
- https://access.redhat.com/errata/RHSA-2023:7856
- https://access.redhat.com/errata/RHSA-2023:7857
- https://access.redhat.com/errata/RHSA-2023:7858
- https://access.redhat.com/security/cve/CVE-2023-6563
- https://bugzilla.redhat.com/show_bug.cgi?id=2253308
- https://github.com/keycloak/keycloak/issues/13340
- https://nvd.nist.gov/vuln/detail/CVE-2023-6563
- https://github.com/keycloak/keycloak/pull/15463
- https://github.com/keycloak/keycloak/commit/556146f961f7c8ddf64de15e2117a58d045f72b5
- https://github.com/advisories/GHSA-54f3-c6hg-865h (Advisory)
- agent/author
- agent/description
- agent/epss
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- agent/weakness
- collector/epss-latest
- source/FIRST
- collector/github-advisory
- alias/GHSA-54f3-c6hg-865h
- alias/CVE-2023-6563
- collector/github-advisory-latest
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- collector/nvd-cve
- collector/redhat-bugzilla
- source/Red Hat
- package-manager/maven
- vendor/redhat
- canonical/redhat keycloak
- canonical/redhat single sign-on
- version/redhat single sign-on/7.6
- canonical/redhat enterprise linux
- version/redhat enterprise linux/7.0
- version/redhat enterprise linux/8.0
- version/redhat enterprise linux/9.0
- canonical/redhat openshift container platform
- version/redhat openshift container platform/4.11
- version/redhat openshift container platform/4.12
- canonical/redhat openshift container platform for power
- version/redhat openshift container platform for power/4.9
- version/redhat openshift container platform for power/4.10
- canonical/redhat openshift container platform for ibm linuxone
- version/redhat openshift container platform for ibm linuxone/4.9
- version/redhat openshift container platform for ibm linuxone/4.10
- package-manager/redhat