Headline
GHSA-c9h6-v78w-52wj: Keycloak vulnerable to session hijacking via re-authentication
A flaw was found in Keycloak. An active keycloak session can be hijacked by initiating a new authentication (having the query parameter prompt=login) and forcing the user to enter his credentials once again. If the user cancels this re-authentication by clicking Restart login, the account takeover could take place as the new session, with a different SUB, will have the same SID as the previous session.
- GitHub Advisory Database
- GitHub Reviewed
- CVE-2023-6787
Keycloak vulnerable to session hijacking via re-authentication
Moderate severity GitHub Reviewed Published Apr 17, 2024 in keycloak/keycloak • Updated Apr 17, 2024
Package
maven org.keycloak:keycloak-services (Maven)
Affected versions
< 22.0.10
>= 23.0.0, < 24.0.3
Patched versions
22.0.10
24.0.3
A flaw was found in Keycloak. An active keycloak session can be hijacked by initiating a new authentication (having the query parameter prompt=login) and forcing the user to enter his credentials once again. If the user cancels this re-authentication by clicking Restart login, the account takeover could take place as the new session, with a different SUB, will have the same SID as the previous session.
References
- GHSA-c9h6-v78w-52wj
Published to the GitHub Advisory Database
Apr 17, 2024
Last updated
Apr 17, 2024
Related news
Red Hat Security Advisory 2024-1868-03 - An update is now available for Red Hat build of Keycloak. Issues addressed include bypass, cross site scripting, and denial of service vulnerabilities.