Skip to main content

Single Sign On CVE-2023-2585

HIGH
Improperly Implemented Security Check for Standard (CWE-358)
2023-12-21 secalert@redhat.com
8.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.1 HIGH
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

1
CVE Published
Dec 21, 2023 - 10:15 nvd
HIGH 8.1

Blast Radius

ecosystem impact
† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth
  • 61 maven packages depend on org.keycloak:keycloak-server-spi-private (18 direct, 43 indirect)
  • 16 maven packages depend on org.keycloak:keycloak-services (10 direct, 6 indirect)

Ecosystem-wide dependent count for version 21.1.2 and other introduced versions.

DescriptionNVD

Keycloak's device authorization grant does not correctly validate the device code and client ID. An attacker client could abuse the missing validation to spoof a client consent request and trick an authorization admin into granting consent to a malicious OAuth client or possible unauthorized access to an existing OAuth client.

AnalysisAI

Keycloak's device authorization grant does not correctly validate the device code and client ID. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-358. Keycloak's device authorization grant does not correctly validate the device code and client ID. An attacker client could abuse the missing validation to spoof a client consent request and trick an authorization admin into granting consent to a malicious OAuth client or possible unauthorized access to an existing OAuth client. Affected products include: Redhat Single Sign-On, Redhat Openshift Container Platform, Redhat Openshift Container Platform For Ibm Z, Redhat Openshift Container Platform For Linuxone, Redhat Openshift Container Platform For Power.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2021-4104 HIGH
7.5 Dec 14

JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Lo

CVE-2023-48795 MEDIUM POC
5.9 Dec 18

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remot

CVE-2015-2281 HIGH POC
7.5 Mar 19

Stack-based buffer overflow in collectoragent.exe in Fortinet Single Sign On (FSSO) before build 164 allows remote attac

CVE-2023-6563 HIGH POC
7.7 Dec 14

An unconstrained memory consumption vulnerability was discovered in Keycloak. Rated high severity (CVSS 7.7), this vulne

CVE-2022-0853 HIGH POC
7.5 Mar 11

A flaw was found in JBoss-client. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authent

CVE-2022-1466 MEDIUM POC
6.5 Apr 26

Due to improper authorization, Red Hat Single Sign-On is vulnerable to users performing actions that they should not be

CVE-2020-25689 MEDIUM POC
6.5 Nov 02

A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tries to reconnect in

CVE-2024-8883 MEDIUM POC
6.1 Sep 19

A misconfiguration flaw was found in Keycloak. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploita

CVE-2019-10219 MEDIUM POC
6.1 Nov 08

A vulnerability was found in Hibernate-Validator. Rated medium severity (CVSS 6.1), this vulnerability is remotely explo

CVE-2019-10212 CRITICAL
9.8 Oct 02

A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for io.undertow.request.security. Rated critical severi

CVE-2019-14379 CRITICAL
9.8 Jul 29

SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (becau

CVE-2025-12543 CRITICAL
9.6 Jan 07

Undertow HTTP server (used in WildFly, JBoss EAP) fails to validate Host headers, enabling cache poisoning, internal net

Share

CVE-2023-2585 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy