PRION:CVE-2023-6927
Dec 18, 2023 - 11:15 p.m.

Design/Logic Flaw

2023-12-18 23:15:00
PRIOn knowledge base
www.prio-n.com
keycloak
authorization codes
tokens
jarm
security patch
cve-2023-6134

AI Score: 6.4 Medium (Confidence: Low)

EPSS: 0.001 Low (Percentile: 47.1%)

A flaw was found in Keycloak. This issue may allow an attacker to steal authorization codes or tokens from clients using a wildcard in the JARM response mode “form_post.jwt” which could be used to bypass the security patch implemented to address CVE-2023-6134.

CPE  Name  Operator  Version
single_sign-on  eq  7.0
