A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.
References
| Link | Resource |
|---|---|
| https://access.redhat.com/security/cve/CVE-2023-0091 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2023-01-11T20:44:07.553Z
Updated: 2023-01-13T04:22:02.451274Z
Reserved: 2023-01-05T20:27:38.369Z
Link: CVE-2023-0091
NVD Information
Status: Analyzed
Published: 2023-01-13T06:15:11.930
Modified: 2023-02-22T17:07:37.597
Link: CVE-2023-0091
Redhat Information
No data.
CWE