CVE-2023-6920

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) (CWE-75)

Published: Dec 18, 2023 / Updated: 11mo ago

CVSS 2.1 / No EPSS yet / Severity: Low

An incomplete fix was found in the Keycloak Core patch for CVE-2023-6134. An attacker can steal authorization codes or tokens from clients whose registered redirect URI uses a wildcard by requesting the JARM response mode "form_post.jwt": changing the response_mode parameter in the original proof of concept from "form_post" to "form_post.jwt" bypasses the check the earlier patch added, because that check only recognizes the literal "form_post" and not its JWT-wrapped equivalent.

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:N

Note that this vector records no confidentiality, integrity or availability impact, which does not match the token theft in the description above; treat the 2.1 score as the source's figure, not as a measure of what a successful attack yields.
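The bypass described above is an exact-match check that recognizes "form_post" but not its JARM-wrapped equivalent "form_post.jwt". The following is an added example, written for this page in Python and not Keycloak's own code; the client registrations, the placeholder hosts and request URLs, the prefix-style wildcard matcher and the policy of refusing form_post-family responses when redirect_uri matched a wildcard only are all assumptions made for illustration. It shows the incomplete gate admitting the "form_post.jwt" variant of a request it rejects with "form_post", the corrected gate treating both modes identically, and a small hunt over request URLs for the bypass pattern.

```python
from urllib.parse import parse_qs, urlsplit

# Constructed client registrations (not a real Keycloak realm): one exact
# redirect URI and one trailing-wildcard pattern of the kind Keycloak permits.
REGISTERED_CLIENTS = {
    "exact-client": ["https://app.example/callback"],
    "wildcard-client": ["https://app.example/*"],
}

# JARM (JWT Secured Authorization Response Mode) adds "query.jwt",
# "fragment.jwt", "form_post.jwt" and "jwt". "form_post.jwt" delivers the
# response through the same auto-submitting HTML form as "form_post", only
# with the parameters wrapped in a JWT, so any rule about form_post applies to it.
FORM_POST_MODES = {"form_post", "form_post.jwt"}


def matches_redirect_uri(redirect_uri, pattern):
    """Exact match, or prefix match when the registered pattern ends in '*'."""
    if pattern.endswith("*"):
        return redirect_uri.startswith(pattern[:-1])
    return redirect_uri == pattern


def matched_only_via_wildcard(client_id, redirect_uri):
    """True when the URI matches a wildcard pattern but no exact registration."""
    patterns = REGISTERED_CLIENTS.get(client_id, [])
    if any(not p.endswith("*") and p == redirect_uri for p in patterns):
        return False
    return any(p.endswith("*") and matches_redirect_uri(redirect_uri, p)
               for p in patterns)


def incomplete_gate(response_mode):
    """Exact string comparison: the shape of check the advisory says is bypassed."""
    return response_mode == "form_post"


def fixed_gate(response_mode):
    """Treat plain and JARM-wrapped form_post identically."""
    return response_mode in FORM_POST_MODES


def decide(auth_url, gate):
    """Hypothetical policy for this example: refuse form_post-family response
    modes when redirect_uri matched a registered wildcard only.
    Returns 'invalid_redirect_uri', 'reject' or 'allow'."""
    params = {k: v[0] for k, v in parse_qs(urlsplit(auth_url).query).items()}
    client_id = params.get("client_id", "")
    redirect_uri = params.get("redirect_uri", "")
    mode = params.get("response_mode", "query")  # OAuth default for response_type=code
    if not any(matches_redirect_uri(redirect_uri, p)
               for p in REGISTERED_CLIENTS.get(client_id, [])):
        return "invalid_redirect_uri"
    if gate(mode) and matched_only_via_wildcard(client_id, redirect_uri):
        return "reject"
    return "allow"


# Constructed authorization requests; AUTH_BASE is a placeholder host.
AUTH_BASE = "https://sso.example/realms/demo/protocol/openid-connect/auth"
ORIGINAL_POC = (AUTH_BASE + "?client_id=wildcard-client&response_type=code"
                "&redirect_uri=https://app.example/attacker-chosen-path"
                "&response_mode=form_post")
JARM_BYPASS = ORIGINAL_POC.replace("response_mode=form_post",
                                   "response_mode=form_post.jwt")
BENIGN = (AUTH_BASE + "?client_id=exact-client&response_type=code"
          "&redirect_uri=https://app.example/callback"
          "&response_mode=form_post.jwt")


def find_bypass_attempts(auth_urls):
    """Requests the incomplete gate admits but the fixed gate refuses: what to
    look for in authorization-endpoint access logs of an unpatched server."""
    return [u for u in auth_urls
            if decide(u, incomplete_gate) == "allow"
            and decide(u, fixed_gate) == "reject"]


if __name__ == "__main__":
    for name, url in (("original PoC", ORIGINAL_POC),
                      ("JARM bypass", JARM_BYPASS), ("benign", BENIGN)):
        print(f"{name:12} incomplete={decide(url, incomplete_gate):7} "
              f"fixed={decide(url, fixed_gate)}")
    print("flagged:", find_bypass_attempts([ORIGINAL_POC, JARM_BYPASS, BENIGN]))
```

The design point is in `fixed_gate`: a response mode is a delivery mechanism, and the JARM variants deliver through the same channels as their plain counterparts, so a rule written against "form_post" has to be written against the set of modes that produce a form post. The same reasoning applies to "query" versus "query.jwt" and "fragment" versus "fragment.jwt" wherever a deployment keys policy on response_mode.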

Timeline

CVE Assignment

NVD published the first details for CVE-2023-6920

Dec 18, 2023 at 9:15 AM
Vendor Advisory

RedHat CVE advisory released a security advisory (CVE-2023-6920).

Dec 18, 2023 at 4:25 PM
First Article

Feedly found the first article mentioning CVE-2023-6920.

Dec 18, 2023 at 5:56 PM / Vulners.com RSS Feed

Patches

bugzilla.redhat.com

Links to MITRE ATT&CK

T1070: Indicator Removal on Host

Attack Patterns

CAPEC-81: Web Logs Tampering

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: None
