Vulnerability identifier: #VU88793

Vulnerability risk: Medium

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-6544

CWE-ID: CWE-285

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Keycloak
Server applications / Directory software, identity management

Vendor: Keycloak

Description

The vulnerability allows a remote attacker to gain unauthorized access to the application.

The vulnerability exists due to a permissive regular expression hard-coded for filtering allowed hosts to register a dynamic client within the org.keycloak.services.clientregistration package. A remote attacker with enough information about the environment could benefit and jeopardize an environment with this specific Dynamic Client Registration with TrustedDomain configuration previously unauthorized.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Keycloak: 22.0.0 - 24.0.2

---

External links
http://github.com/keycloak/keycloak/security/advisories/GHSA-46c8-635v-68r2
http://access.redhat.com/errata/RHSA-2024:1867
http://access.redhat.com/errata/RHSA-2024:1868

---

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.