Keycloak Log Injection via WebAuthn Auth Form
CVE-2023-6484 Published on April 25, 2024

Keycloak: log injection during webauthn authentication or registration
A log injection flaw was found in Keycloak. A text string may be injected through the authentication form when using the WebAuthn authentication mode. This issue may have a minor impact to the logs integrity.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Vulnerability Analysis

CVE-2023-6484 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, with no impact on integrity, and no impact on availability.

Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
NONE
Integrity Impact:
LOW
Availability Impact:
NONE

Timeline

Reported to Red Hat.

Made public. 28 days later.

Weakness Type

Improper Output Neutralization for Logs

The software does not neutralize or incorrectly neutralizes output that is written to logs.


Products Associated with CVE-2023-6484

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-6484 are published in these products:

Red Hat Build Keycloak
 
Red Hat Single Sign On
 
Red Hat Rhosemc
 

Exploit Probability

EPSS
0.34%
Percentile
56.13%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.