VDB
CVE-2023-6563
CVE-2023-6563
PUBLISHED
Es existiert eine Schwachstelle in Keycloak und Red Hat Single Sign On. Unter bestimmten Umständen kann die Benutzeroberfläche dazu gebracht werden, eine große Anzahl von Offline-Client-Sitzungen zu laden, was zu einem übermäßigen Speicher- und CPU-Verbrauch führt. Ein authentisierter Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service zu verursachen.
EPSS 0.54% · 68.0th percentile
Risk Scores
EPSS Score
0.54%
68.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Red Hat Enterprise Linux | |
| Open Source | Open Source Keycloak | |
| Hitachi | Hitachi Ops Center |
Timeline
- Dec 14, 2023 CVE Published
- Dec 15, 2023 EPSS Score
- Dec 27, 2023 CVE Updated
- Dec 27, 2023 PoC Published
- Jan 13, 2024 EPSS Score
- Feb 11, 2024 EPSS Score
- Apr 10, 2024 EPSS Score
- May 9, 2024 EPSS Score
- Jun 7, 2024 EPSS Score
- Jul 6, 2024 EPSS Score
- Aug 4, 2024 EPSS Score
- Oct 2, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3156.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3156 advisory
- https://access.redhat.com/errata/RHSA-2024:0799 advisory
- https://access.redhat.com/errata/RHSA-2024:0804 advisory
- https://access.redhat.com/errata/RHSA-2023:7854 advisory
- https://access.redhat.com/errata/RHSA-2023:7855 advisory
- https://access.redhat.com/errata/RHSA-2023:7856 advisory
- https://access.redhat.com/errata/RHSA-2023:7857 advisory
- https://access.redhat.com/errata/RHSA-2023:7858 advisory
- https://access.redhat.com/errata/RHSA-2023:7860 advisory
- https://access.redhat.com/errata/RHSA-2023:7861 advisory
- https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-133/index.html advisory