CVE-2023-0657

NVD Published Date: November 17, 2024 at 11:15 AM
NVD Last Modified: November 18, 2024 at 05:11 PM
Download Patch
Vulnerability ID
CVE-2023-0657
Severity
LOW
Severity Score
3.4
Summary
A flaw was found in Keycloak. This issue occurs due to improperly enforcing token types when validating signatures locally. This could allow an authenticated attacker to exchange a logout token for an access token and possibly gain access to data outside of enforced permissions.
Mitigation and Patches
-
Exploits
-
Metasploit Payload
-
Vector
CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
CWE ID
CWE-273

Recent Publish

CVE-2020-25720

KB5046697

KB5046705

CVE-2024-10592

CVE-2024-11094

KB5046855

See More ...

See SecOps Solution
in action

Schedule Demo