Lucene search

K
redhatRedHatRHSA-2024:0096
HistoryJan 09, 2024 - 4:02 p.m.

(RHSA-2024:0096) Moderate: Red Hat Single Sign-On 7.6.6 security update on RHEL 9

2024-01-0916:02:48
access.redhat.com
3
red hat single sign-on
7.6.6
security update
rhel 9
open redirect
cve-2023-6927
keycloak project
authentication
bug fixes
enhancements

7.5 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

47.2%

Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.

This release of Red Hat Single Sign-On 7.6.6 on RHEL 9 serves as a replacement for Red Hat Single Sign-On 7.6.5, and includes bug fixes and enhancements.

Security Fix(es):

  • open redirect via “form_post.jwt” JARM response mode (CVE-2023-6927)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

7.5 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

47.2%