PT-2024-2167 · Red Hat · Keycloak

Mauro Matteo Cascella · Published 2024-02-21 · Updated 2024-07-03 · CVE-2023-6787

CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Keycloak (affected versions not specified)
Description: The issue is a flaw in the re-authentication mechanism of Keycloak, specifically in the org.keycloak.authentication module. An attacker can hijack an active Keycloak session by triggering a new authentication process with the query parameter "prompt=login", which prompts the user to re-enter their credentials. If the user cancels this re-authentication by selecting "Restart login", an account takeover may occur: the new session, with a different SUB (subject identifier), will possess the same SID (session identifier) as the previous session.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
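As an added detection example (not part of this advisory and not Keycloak's own code), the following Python audits a batch of issued tokens and flags any session identifier (sid) that is bound to more than one subject (sub), which is the condition the description above identifies; the tokens, issuer URL and user identifiers are constructed samples.

```python
import base64
import json
from collections import defaultdict


def _b64url(obj: dict) -> str:
    """Base64url-encode a JSON object without padding, as JWT segments are."""
    raw = json.dumps(obj, separators=(",", ":")).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def make_token(sub: str, sid: str, iat: int) -> str:
    """Build an unsigned, JWT-shaped sample token (header.payload.) for the audit.

    Constructed sample only: real tokens carry a signature that must be
    verified before any claim is trusted.
    """
    header = _b64url({"alg": "none", "typ": "JWT"})
    payload = _b64url({"sub": sub, "sid": sid, "iat": iat,
                       "iss": "https://idp.example/realms/demo"})  # assumed issuer
    return f"{header}.{payload}."


def decode_claims(token: str) -> dict:
    """Decode the payload segment of a JWT (no verification; audit use only)."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore base64 padding
    return json.loads(base64.urlsafe_b64decode(payload))


def sids_with_multiple_subjects(tokens):
    """Return {sid: sorted subs} for every sid seen with more than one subject.

    A session must belong to exactly one user, so a sid that appears with two
    different sub values is the fingerprint of the session reuse described
    in CVE-2023-6787 (restart of a prompt=login re-authentication).
    """
    subs_by_sid = defaultdict(set)
    for token in tokens:
        claims = decode_claims(token)
        subs_by_sid[claims["sid"]].add(claims["sub"])
    return {sid: sorted(subs) for sid, subs in subs_by_sid.items() if len(subs) > 1}


# Constructed sample: user A's session, a normal re-auth by A, an unrelated
# user B, then a different subject carrying A's sid (the suspicious case).
SAMPLE_TOKENS = [
    make_token("user-a-uuid", "sid-1111", 1708500000),
    make_token("user-a-uuid", "sid-1111", 1708500600),
    make_token("user-b-uuid", "sid-2222", 1708500700),
    make_token("user-c-uuid", "sid-1111", 1708501000),
]

if __name__ == "__main__":
    print(sids_with_multiple_subjects(SAMPLE_TOKENS))
```

Run against real token or session-event exports, the non-empty result is the set of sessions to revoke and investigate.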

Weakness Enumeration

Insufficient Session Expiration

Improper Authentication

Session Fixation

Related Identifiers

BDU:2024-02081
CVE-2023-6787
GHSA-C9H6-V78W-52WJ

Affected Products

Keycloak