CVE-2023-6291

{"id": "CVE-2023-6291", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 3.7, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "secalert@redhat.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 3.7, "exploitabilityScore": 2.8}]}, "published": "2024-01-26T15:15:08.280", "references": [{"url": "https://access.redhat.com/errata/RHSA-2023:7854", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2023:7855", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2023:7856", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2023:7857", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2023:7858", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2023:7860", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2023:7861", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:0798", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:0799", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:0800", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:0801", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2024:0804", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/security/cve/CVE-2023-6291", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251407", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-601"}]}, {"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-601"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in the redirect_uri validation logic in Keycloak. This issue may allow a bypass of otherwise explicitly allowed hosts. A successful attack may lead to an access token being stolen, making it possible for the attacker to impersonate other users."}, {"lang": "es", "value": "Se encontr\u00f3 un fallo en la l\u00f3gica de validaci\u00f3n de redirect_uri en Keycloak. Este problema puede permitir la omisi\u00f3n de hosts permitidos expl\u00edcitamente. Un ataque exitoso puede provocar el robo de un token de acceso, lo que hace posible que el atacante se haga pasar por otros usuarios."}], "lastModified": "2024-02-14T03:15:14.320", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66A01C0F-CB27-4A62-9B86-C35CCD605AB6", "versionEndExcluding": "22.0.7"}, {"criteria": "cpe:2.3:a:redhat:single_sign-on:-:*:*:*:text-only:*:*:*", "vulnerable": true, "matchCriteriaId": "341E6313-20D5-44CB-9719-B20585DC5AD6"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA983F8C-3A06-450A-AEFF-9429DE9A3454"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40449571-22F8-44FA-B57B-B43F71AB25E2"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01B0F191-ADDB-4AAE-A5C5-5CC16909E64A"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD75BCB4-F0E1-4C05-A2D7-001503C805C9"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B02036DD-4489-480B-B7D4-4EB08952377B"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7E78C55-45B6-4E01-9773-D3468F8EA9C3"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30E2CF79-2D56-48AB-952E-5DDAFE471073"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54E24055-813B-4E6D-94B7-FAD5F78B8537"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:single_sign-on:7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2DEC61BC-E699-456E-99B6-C049F2A5F23F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:migration_toolkit_for_applications:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C2E7E3C-A507-4AB2-97E5-4944D8775CF7"}, {"criteria": "cpe:2.3:a:redhat:migration_toolkit_for_applications:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6FE20CE-E1C9-4645-98B6-A22B81356642"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}