PT-2023-7514 · Red Hat · Keycloak
Pedro Sampaio · Published 2023-11-07 · Updated 2024-07-06
CVE-2023-6484 · CVSS v3.1 5.3 (Medium)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions
Keycloak version 22.0.5
Description
A log injection flaw was found in Keycloak's WebAuthn authentication mode. It allows a text string to be injected through the authentication form, which may have a minor impact on the integrity of the logs. Error messages produced by the browser client during setup of, or authentication with, "Security Key login" (WebAuthn) are written into the form, sent to Keycloak, and logged without escaping, which allows log injection.
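As an added illustration (not Keycloak code, and written in Python rather than Keycloak's Java), the functions below show how an unescaped, client-supplied WebAuthn error string splits a single log entry into two, how neutralizing control characters before logging prevents that, and a check that flags such values; the user name and error strings are constructed samples.

```python
import re

# C0 control characters and DEL: CR/LF let one logged value span several
# log lines, and ESC sequences can rewrite what a terminal viewer displays.
_CONTROL_CHARS = re.compile(r"[\x00-\x1f\x7f]")


def format_log_line_unsafe(user, error):
    """Log the client-supplied WebAuthn error verbatim (the pattern this advisory describes)."""
    return f"WARN [WebAuthn] user={user} error={error}"


def escape_for_log(value):
    """Replace each control character with a visible \\xNN escape so the value stays on one line."""
    return _CONTROL_CHARS.sub(lambda m: "\\x%02x" % ord(m.group()), value)


def format_log_line_safe(user, error):
    """Same log line, but the untrusted error text is escaped before it reaches the log."""
    return f"WARN [WebAuthn] user={user} error={escape_for_log(error)}"


def suspicious_log_values(values):
    """Return the form-submitted values that contain control characters (what a sanitizer must neutralize)."""
    return [v for v in values if _CONTROL_CHARS.search(v)]


# Constructed samples: a genuine browser error, and one carrying an embedded
# newline, which the unsafe formatter turns into a second, forged-looking entry.
LEGIT_ERROR = "NotAllowedError: The operation either timed out or was not allowed."
INJECTED_ERROR = "NotAllowedError\nINFO [Auth] user=admin login=success"

if __name__ == "__main__":
    print(format_log_line_unsafe("alice", INJECTED_ERROR))  # prints two lines
    print(format_log_line_safe("alice", INJECTED_ERROR))    # prints one line
```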
Recommendations
For Keycloak version 22.0.5, consider disabling the WebAuthn authentication mode ("Security Key login") until a patch is available, to prevent potential log injection. Restrict access to the authentication form to minimize the risk of exploitation, and avoid using WebAuthn until the issue is resolved.
Fix
Special Elements Injection
Related Identifiers
Affected Products
Keycloak