CVE-2023-6787

A flaw was found in Keycloak that occurs from an error in the re-authentication mechanism within org.keycloak.authentication. This flaw allows hijacking an active Keycloak session by triggering a new authentication process with the query parameter "prompt=login," prompting the user to re-enter their credentials. If the user cancels this re-authentication by selecting "Restart login," an account takeover may occur, as the new session, with a different SUB, will possess the same SID as the previous session.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:redhat:build_of_keycloak:-:*:*:*:text-only:*:*:*
cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:*

History

30 Jun 2025, 13:49

Type Values Removed Values Added
First Time Redhat
Redhat keycloak
Redhat build Of Keycloak
CPE cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:build_of_keycloak:-:*:*:*:text-only:*:*:*
References () https://access.redhat.com/errata/RHSA-2024:1867 - () https://access.redhat.com/errata/RHSA-2024:1867 - Vendor Advisory
References () https://access.redhat.com/errata/RHSA-2024:1868 - () https://access.redhat.com/errata/RHSA-2024:1868 - Vendor Advisory
References () https://access.redhat.com/security/cve/CVE-2023-6787 - () https://access.redhat.com/security/cve/CVE-2023-6787 - Vendor Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=2254375 - () https://bugzilla.redhat.com/show_bug.cgi?id=2254375 - Issue Tracking, Vendor Advisory
References () https://github.com/keycloak/keycloak/security/advisories/GHSA-c9h6-v78w-52wj - () https://github.com/keycloak/keycloak/security/advisories/GHSA-c9h6-v78w-52wj - Vendor Advisory

14 Mar 2025, 15:15

Type Values Removed Values Added
References
  • () https://github.com/keycloak/keycloak/security/advisories/GHSA-c9h6-v78w-52wj -

21 Nov 2024, 08:44

Type Values Removed Values Added
References () https://access.redhat.com/errata/RHSA-2024:1867 - () https://access.redhat.com/errata/RHSA-2024:1867 -
References () https://access.redhat.com/errata/RHSA-2024:1868 - () https://access.redhat.com/errata/RHSA-2024:1868 -
References () https://access.redhat.com/security/cve/CVE-2023-6787 - () https://access.redhat.com/security/cve/CVE-2023-6787 -
References () https://bugzilla.redhat.com/show_bug.cgi?id=2254375 - () https://bugzilla.redhat.com/show_bug.cgi?id=2254375 -

25 Apr 2024, 17:24

Type Values Removed Values Added
New CVE

Information

Published : 2024-04-25 16:15

Updated : 2025-06-30 13:49


NVD link : CVE-2023-6787

Mitre link : CVE-2023-6787

CVE.ORG link : CVE-2023-6787


JSON object : View

Products Affected

redhat

  • keycloak
  • build_of_keycloak
CWE
CWE-287

Improper Authentication