Ory · Ory Oathkeeper · CVE-2026-33496
**Name of the Vulnerable Software and Affected Versions**
Ory Oathkeeper (affected versions not specified)
**Description**
Ory Oathkeeper is vulnerable to an authentication bypass caused by cache key confusion in the `oauth2_introspection` authenticator. When result caching is enabled, the cache does not distinguish between tokens validated against different introspection URLs, so a verdict obtained from one introspection server is reused for any rule whose authenticator points at another server. An attacker who holds a token that is valid at one server first sends it through a rule that introspects against that server, which populates the cache, and then presents the same token to rules whose authenticator introspects against a different server; the cached result is returned and the second server is never consulted. Exploitation requires at least two `oauth2_introspection` authenticators configured with distinct introspection URLs and caching enabled, and a valid token for one of those servers.
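The following Go program is an added example written for this page to illustrate the flaw and its fix; it is not Oathkeeper's code. It models two introspection servers as in-memory functions over constructed tokens; the URLs, token strings and helper names (`vulnerableKey`, `fixedKey`, `scenario`) are invented for illustration. `vulnerableKey` keys the cache on the token alone, which is the behaviour the description above implies, while `fixedKey` scopes each entry to the introspection URL that produced the verdict.

```go
package main

import (
	"fmt"
	"sync"
)

// introspectionResult is the part of an RFC 7662 introspection response a cache would store.
type introspectionResult struct {
	Active  bool
	Subject string
}

// introspector stands in for one introspection server. A real authenticator POSTs the
// token to the server's introspection_url; here each server is a function over
// constructed sample data, so the example runs offline.
type introspector func(token string) introspectionResult

// resultCache is a minimal in-memory cache keyed by whatever string the caller derives.
type resultCache struct {
	mu sync.Mutex
	m  map[string]introspectionResult
}

func newCache() *resultCache {
	return &resultCache{m: map[string]introspectionResult{}}
}

// keyFunc derives the cache key from the introspection URL and the token.
// Which inputs it uses is the whole difference between the vulnerable and the fixed cache.
type keyFunc func(url, token string) string

// vulnerableKey keys on the token alone, so a verdict from one server is reused for every server.
func vulnerableKey(_ string, token string) string { return token }

// fixedKey scopes the entry to the server that produced the verdict. The NUL separator keeps
// url+token from colliding with a different url/token pair that concatenates to the same bytes.
func fixedKey(url, token string) string { return url + "\x00" + token }

// authenticate validates token against the introspection server at url, consulting the cache first.
func authenticate(c *resultCache, servers map[string]introspector, url, token string, key keyFunc) (bool, error) {
	k := key(url, token)

	c.mu.Lock()
	res, hit := c.m[k]
	c.mu.Unlock()
	if hit {
		return res.Active, nil // cache hit: the server named by url is never consulted
	}

	srv, ok := servers[url]
	if !ok {
		return false, fmt.Errorf("no introspection server configured for %q", url)
	}
	res = srv(token)
	if res.Active { // cache positive verdicts only, as an introspection cache typically would
		c.mu.Lock()
		c.m[k] = res
		c.mu.Unlock()
	}
	return res.Active, nil
}

// Two hypothetical introspection servers (constructed). The attacker's token "tok-a" is valid only at idp-a.
const (
	urlA = "https://idp-a.example/oauth2/introspect"
	urlB = "https://idp-b.example/oauth2/introspect"
)

func sampleServers() map[string]introspector {
	return map[string]introspector{
		urlA: func(tok string) introspectionResult {
			return introspectionResult{Active: tok == "tok-a", Subject: "alice@idp-a"}
		},
		urlB: func(tok string) introspectionResult {
			return introspectionResult{Active: tok == "tok-b", Subject: "bob@idp-b"}
		},
	}
}

// scenario replays the attack: the attacker first hits a rule whose authenticator introspects at
// urlA (populating the cache), then presents the same token to a rule that introspects at urlB.
// It returns whether each request was accepted.
func scenario(key keyFunc) (acceptedAtA, acceptedAtB bool) {
	c := newCache()
	servers := sampleServers()
	acceptedAtA, _ = authenticate(c, servers, urlA, "tok-a", key)
	acceptedAtB, _ = authenticate(c, servers, urlB, "tok-a", key)
	return acceptedAtA, acceptedAtB
}

func main() {
	a, b := scenario(vulnerableKey)
	fmt.Printf("token-only key: accepted at A=%v, accepted at B=%v (bypass)\n", a, b)
	a, b = scenario(fixedKey)
	fmt.Printf("url-scoped key: accepted at A=%v, accepted at B=%v\n", a, b)
}
```

With the token-only key the second request is accepted even though `idp-b` would have rejected `tok-a`; with the URL-scoped key it is rejected because the cache miss forces a real lookup at `idp-b`. The general rule the fix follows: every configuration value that can change the verdict for a given token must be part of the cache key, otherwise entries are shared between authenticators that are supposed to disagree.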
**Recommendations**
Update to the patched version of Ory Oathkeeper (the fixed version is not stated here; consult the project's release notes).
If an immediate update is not feasible, disable result caching on every `oauth2_introspection` authenticator (`cache.enabled: false` in the authenticator's config). Every request will then trigger an introspection call, so expect added latency and load on the introspection server. Deployments in which all rules use a single introspection URL do not meet the preconditions for this bypass, but should still update.