CVE-2023-6787
Published: Apr 25, 2024
Modified: Nov 11, 2025
CVSS v3.1
6.5
Description
A flaw was found in Keycloak's re-authentication handling in org.keycloak.authentication. An active Keycloak session can be hijacked by starting a new authentication flow with the query parameter prompt=login, which prompts the user to re-enter their credentials. If the user cancels that re-authentication by selecting "Restart login", the newly created session carries a different subject (sub) but keeps the session ID (sid) of the previous session. Because the sid is then shared between sessions that belong to different users, this can lead to account takeover.
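The invariant this flaw breaks is that one Keycloak session ID (the OIDC `sid` claim) belongs to exactly one subject (`sub`). The following is an added example, not code from the advisory or from the Keycloak project: it builds the `prompt=login` authorization URL that triggers the re-authentication described above, and it checks a set of ID tokens for any `sid` that is bound to more than one `sub`. The realm name, client ID, redirect URI, issuer and the sample tokens are constructed placeholders; the tokens are unsigned (`alg: none`) purely so the check can run offline, and signature verification is assumed to have happened before claims are correlated.

```python
import base64
import json
from collections import defaultdict
from urllib.parse import urlencode


def authorize_url_with_prompt_login(base_url, realm, client_id, redirect_uri, state):
    """Build the Keycloak OIDC authorization request that forces re-authentication.

    prompt=login is the standard OIDC parameter the advisory refers to; the
    endpoint path is Keycloak's per-realm authorization endpoint.
    """
    endpoint = f"{base_url}/realms/{realm}/protocol/openid-connect/auth"
    query = urlencode({
        "client_id": client_id,
        "response_type": "code",
        "scope": "openid",
        "redirect_uri": redirect_uri,
        "state": state,
        "prompt": "login",  # re-prompt for credentials despite an active session
    })
    return f"{endpoint}?{query}"


def decode_jwt_claims(token):
    """Decode the payload of a compact JWT WITHOUT verifying its signature.

    Only use this on tokens whose signature was already verified by the client
    library; this helper exists to expose claims for correlation.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWS")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def find_sid_reuse(tokens):
    """Return {sid: [sub, ...]} for every session ID seen with more than one subject.

    A healthy deployment returns an empty dict: each sid maps to exactly one sub.
    A non-empty result is the signature of the session/subject mix-up this
    advisory describes.
    """
    subs_by_sid = defaultdict(set)
    for token in tokens:
        claims = decode_jwt_claims(token)
        sid, sub = claims.get("sid"), claims.get("sub")
        if sid is None or sub is None:
            continue  # tokens without both claims cannot be correlated
        subs_by_sid[sid].add(sub)
    return {sid: sorted(subs) for sid, subs in subs_by_sid.items() if len(subs) > 1}


def make_unsigned_token(claims):
    """Constructed sample only: an alg=none JWT so the example runs offline."""
    def enc(obj):
        raw = json.dumps(obj, separators=(",", ":")).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}."


# Constructed identifiers (placeholders, not real Keycloak data).
ISSUER = "https://sso.example.test/realms/demo"
SUB_ALICE = "0b2d5c1e-1111-4a2b-9c3d-aaaaaaaaaaaa"
SUB_BOB = "7e9f3a4c-2222-4d5e-8f6a-bbbbbbbbbbbb"
SID_SHARED = "c2e7d4b8-3333-4e6f-9a7b-cccccccccccc"
SID_OTHER = "a1b2c3d4-4444-4f70-8b8c-dddddddddddd"

SAMPLE_TOKENS = [
    # Alice's original session.
    make_unsigned_token({"iss": ISSUER, "sub": SUB_ALICE, "sid": SID_SHARED, "iat": 1700000000}),
    # Session created after "Restart login": different sub, same sid (the bug pattern).
    make_unsigned_token({"iss": ISSUER, "sub": SUB_BOB, "sid": SID_SHARED, "iat": 1700000300}),
    # An unrelated, healthy session for comparison.
    make_unsigned_token({"iss": ISSUER, "sub": SUB_ALICE, "sid": SID_OTHER, "iat": 1700000600}),
]


if __name__ == "__main__":
    print(authorize_url_with_prompt_login(
        "https://sso.example.test", "demo", "webapp",
        "https://app.example.test/cb", "xyz123"))
    for sid, subs in find_sid_reuse(SAMPLE_TOKENS).items():
        print(f"sid {sid} is bound to {len(subs)} subjects: {subs}")
```

After upgrading to a fixed build, the same two steps make a reasonable regression check: open the `prompt=login` URL for a user with an active session, choose "Restart login", then feed the ID tokens from before and after into `find_sid_reuse`; an empty result means the new session did not inherit the old `sid`.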
| Vendor | Product | Versions |
|---|---|---|
| Unknown | keycloak | affected: 0 to < 22.0.10; affected: 0 to < 24.0.3 |
| Red Hat | Red Hat build of Keycloak 22 | unaffected: 22.0.10-1 and later |
| Red Hat | Red Hat build of Keycloak 22 | unaffected: 22-13 and later |
| Red Hat | Red Hat build of Keycloak 22 | unaffected: 22-16 and later |
| Red Hat | Red Hat build of Keycloak 22.0.10 | All versions |
| Red Hat | Red Hat Single Sign-On 7 | All versions |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

| Metric | Value |
|---|---|
| Attack Vector | Network (AV:N) |
| Attack Complexity | Low (AC:L) |
| Privileges Required | None (PR:N) |
| User Interaction | Required (UI:R) |
| Scope | Unchanged (S:U) |
| Confidentiality | None (C:N) |
| Integrity | High (I:H) |
| Availability | None (A:N) |
References