#VU88793 Improper authorization in Keycloak - CVE-2023-6544
Vulnerability identifier: #VU88793
Vulnerability risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID:
CWE-ID:
CWE-285
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Keycloak
Server applications /
Directory software, identity management
Vendor: Keycloak
Description
The vulnerability allows a remote attacker to gain unauthorized access to the application.
The vulnerability exists due to a permissive regular expression hard-coded for filtering allowed hosts to register a dynamic client within the org.keycloak.services.clientregistration package. A remote attacker with enough information about the environment could benefit and jeopardize an environment with this specific Dynamic Client Registration with TrustedDomain configuration previously unauthorized.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Keycloak: 22.0.0 - 24.0.2
External links
https://github.com/keycloak/keycloak/security/advisories/GHSA-46c8-635v-68r2
https://access.redhat.com/errata/RHSA-2024:1867
https://access.redhat.com/errata/RHSA-2024:1868
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
