EUVD-2024-1142

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Flaw in Keycloak allows attackers to exchange logout tokens for access tokens, risking unauthorized data access.

Reporter	Title	Published	Views	Family All 21
ATTACKERKB	CVE-2023-0657	17 Nov 202411:15	–	attackerkb
Chainguard	CVE-2023-0657 vulnerabilities	17 Nov 202411:15	–	cgr
Circl	CVE-2023-0657	17 Nov 202410:25	–	circl
CNNVD	Red Hat Keycloak 安全漏洞	27 May 202300:00	–	cnnvd
CVE	CVE-2023-0657	17 Nov 202410:19	–	cve
Cvelist	CVE-2023-0657 Keycloak: impersonation via logout token exchange	17 Nov 202410:19	–	cvelist
Github Security Blog	Keycloak vulnerable to impersonation via logout token exchange	17 Apr 202418:25	–	github
NVD	CVE-2023-0657	17 Nov 202411:15	–	nvd
OSV	CGA-6HCJ-97R2-CMW6	6 Jun 202412:24	–	osv
OSV	CGA-99GG-MFXJ-3W9G	6 Jun 202412:25	–	osv

[
  {
    "enisaIdVendor": [
      {
        "id": "70844cdd-576b-3cc6-a4c1-f8bd97e99bf3",
        "vendor": {
          "name": "Red Hat"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "10c36c3a-61a4-3f6a-8953-7f13309603d7",
        "product": {
          "name": "Red Hat build of Keycloak 22"
        },
        "product_version": "patch: 22-16"
      },
      {
        "id": "75111daa-366b-341e-8d2d-6f54f0923e9c",
        "product": {
          "name": "Red Hat build of Keycloak 22"
        },
        "product_version": "patch: 22-13"
      },
      {
        "id": "c81c9cab-e046-3df4-92f0-904ddd7a77a2",
        "product": {
          "name": "Red Hat build of Keycloak 22"
        },
        "product_version": "patch: 22.0.10-1"
      }
    ]
  }
]

Source	Link
github	www.github.com/keycloak/keycloak/security/advisories/GHSA-7fpj-9hr8-28vh
nvd	www.nvd.nist.gov/vuln/detail/CVE-2023-0657
access	www.access.redhat.com/errata/RHSA-2024:1867
access	www.access.redhat.com/errata/RHSA-2024:1868
access	www.access.redhat.com/security/cve/CVE-2023-0657
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
github	www.github.com/keycloak/keycloak

03 Oct 2025 20:07Current

4.2Medium risk

Vulners AI Score4.2

CVSS 3.13.4

EPSS0.00054

SSVC