CVE-2023-6927: Keycloak: open redirect via "form_post.jwt" jarm response mode
First published: Mon Dec 18 2023(Updated: )
# Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-9vm7-v8wj-3fqw. This link is maintained to preserve external references. # Original Description A flaw was found in Keycloak. This issue may allow an attacker to steal authorization codes or tokens from clients using a wildcard in the JARM response mode "form_post.jwt" which could be used to bypass the security patch implemented to address CVE-2023-6134.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/keycloak | <23.0.4 | 23.0.4 |
| maven/org.keycloak:keycloak-parent | <=23.0.3 | |
| maven/org.keycloak:keycloak-core | <23.0.4 | 23.0.4 |
| Red Hat Keycloak | ||
| Red Hat Single Sign-On | =7.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://nvd.nist.gov/vuln/detail/CVE-2023-6927
- https://access.redhat.com/security/cve/CVE-2023-6927
- https://bugzilla.redhat.com/show_bug.cgi?id=2255027
- https://github.com/advisories/GHSA-3p75-q5cc-qmj7 (Advisory)
- https://access.redhat.com/errata/RHSA-2024:0094
- https://access.redhat.com/errata/RHSA-2024:0095
- https://access.redhat.com/errata/RHSA-2024:0096
- https://access.redhat.com/errata/RHSA-2024:0097
- https://access.redhat.com/errata/RHSA-2024:0098
- https://access.redhat.com/errata/RHSA-2024:0100
- https://access.redhat.com/errata/RHSA-2024:0101
- https://access.redhat.com/errata/RHSA-2024:0798
- https://access.redhat.com/errata/RHSA-2024:0799
- https://access.redhat.com/errata/RHSA-2024:0800
- https://access.redhat.com/errata/RHSA-2024:0801
- https://access.redhat.com/errata/RHSA-2024:0804
- https://access.redhat.com/security/cve/CVE-2023-6134
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2255024
- https://github.com/keycloak/keycloak/security/advisories/GHSA-9vm7-v8wj-3fqw
- https://github.com/advisories/GHSA-9vm7-v8wj-3fqw (Advisory)
Frequently Asked Questions
What is the severity of CVE-2023-6927?
CVE-2023-6927 has been classified as a high severity vulnerability.
How do I fix CVE-2023-6927?
To fix CVE-2023-6927, you should upgrade Keycloak to version 23.0.4 or later.
Which versions of Keycloak are affected by CVE-2023-6927?
Keycloak versions prior to 23.0.4, including 23.0.3 and earlier versions, are affected by CVE-2023-6927.
What type of vulnerability is CVE-2023-6927?
CVE-2023-6927 is a vulnerability that may allow an attacker to steal authorization codes or tokens.
Is there a patch available for CVE-2023-6927?
Yes, a patch is available in Keycloak version 23.0.4 to address CVE-2023-6927.
- agent/first-publish-date
- agent/type
- agent/severity
- agent/weakness
- agent/title
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-6927
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/trending
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-3p75-q5cc-qmj7
- agent/event
- alias/GHSA-9vm7-v8wj-3fqw
- agent/last-modified-date
- agent/references
- agent/description
- collector/github-advisory
- agent/source
- agent/author
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-cve
- agent/softwarecombine
- package-manager/redhat
- package-manager/maven
- vendor/redhat
- canonical/red hat keycloak
- canonical/red hat single sign-on
- version/red hat single sign-on/7.0