Vulnerability Monitor

CVE-2023-0091


A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.


Published: 2023-01-13T06:15:11.930

Last Modified: 2025-04-09T15:15:56.113

Status: Modified

Source: [email protected]

Severity: CVSSv3.1: 3.8 (LOW)

Weaknesses
  • Type: Primary
    CWE-863
  • Type: Secondary
    CWE-863

Affected Vendors & Products
Type         Vendor  Product         Version/Range  Vulnerable?
Application  redhat  keycloak        -              Yes
Application  redhat  single_sign-on  7.0            No
