Lucene search
PRIOn knowledge basePRION:CVE-2023-0264HistoryAug 04, 2023 - 6:15 p.m.
Authentication flaw
2023-08-0418:15:00
PRIOn knowledge base
www.prio-n.com
13
flaw
keycloak
openid connect
user authentication
impersonation
session tokens
confidentiality
integrity
availability
nvd
A flaw was found in Keycloaks OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, integrity, and availability.
Related
cvelist
cvelist
CVE-2023-0264
2023-08-04 17:09:27
redhatcve
redhatcve
CVE-2023-0264
2023-02-28 19:29:32
githubexploit
githubexploit
Exploit for Improper Authentication in Redhat Keycloak
2023-03-06 14:42:19
cve
cve
CVE-2023-0264
2023-08-04 18:15:11
github
github
Keycloak vulnerable to user impersonation via stolen UUID code
2023-03-02 23:25:43
veracode
veracode
User Impersonation
2023-03-04 15:40:16
osv
osv
Keycloak vulnerable to user impersonation via stolen UUID code
2023-03-02 23:25:43
nvd
nvd
CVE-2023-0264
2023-08-04 18:15:11
nessus
nessus
redhat
redhat