VDB
CISA-2023-2422
CISA-2023-2422
PUBLISHED
CVSS 5.5 MEDIUM
Reported by redhat · Published October 4, 2023
A flaw was found in Keycloak. A Keycloak server configured to support mTLS authentication for OAuth/OpenID clients does not properly verify the client certificate chain. A client that possesses a proper certificate can authorize itself as any other client, therefore, access data that belongs to other clients.
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Red Hat Single Sign-On 7 | |
| Red Hat | Red Hat Single Sign-On 7.6 for RHEL 7 | 0:18.0.8-1.redhat_00001.1.el7sso |
| Red Hat | Red Hat Single Sign-On 7.6 for RHEL 8 | 0:18.0.8-1.redhat_00001.1.el8sso |
| Red Hat | Red Hat Single Sign-On 7.6 for RHEL 9 | 0:18.0.8-1.redhat_00001.1.el9sso |
| Red Hat | RHEL-8 based Middleware Containers | 7.6-24 |
| Red Hat | Red Hat Single Sign-On 7.6 for RHEL 7 | 0:18.0.8-1.redhat_00001.1.el7sso, * |
| Red Hat | Red Hat Single Sign-On 7 | |
| Red Hat | Red Hat Single Sign-On 7.6 for RHEL 8 | 0:18.0.8-1.redhat_00001.1.el8sso, * |
| Red Hat | RHEL-8 based Middleware Containers | 7.6-24, 7.6-24 |
| Red Hat | Red Hat Single Sign-On 7.6 for RHEL 9 | 0:18.0.8-1.redhat_00001.1.el9sso, 0:18.0.8-1.redhat_00001.1.el9sso |
Timeline
- Oct 4, 2023 CVE Published
- Aug 2, 2024 CVE Updated
- Apr 26, 2026 Distribution Patch
- Apr 26, 2026 Distribution Patch
- Apr 26, 2026 Distribution Patch
- Apr 26, 2026 Distribution Patch
- Apr 26, 2026 Distribution Patch
- Apr 26, 2026 Security Advisory
- Apr 26, 2026 Security Advisory
- Apr 26, 2026 Security Advisory
- Apr 26, 2026 Security Advisory
- Apr 26, 2026 Security Advisory
References
- RHSA-2023:3883 vendor-advisoryx_refsource_REDHAT
- RHSA-2023:3884 vendor-advisoryx_refsource_REDHAT
- RHSA-2023:3885 vendor-advisoryx_refsource_REDHAT
- RHSA-2023:3888 vendor-advisoryx_refsource_REDHAT
- RHSA-2023:3892 vendor-advisoryx_refsource_REDHAT
- vdb-entryx_refsource_REDHAT
- RHBZ#2191668 issue-trackingx_refsource_REDHAT