CVE-2023-3597
Keycloak: secondary factor bypass in step-up authentication
- Severity Score: 5.0 (CVSS v3.1)
- Exploit Likelihood: (EPSS)
- Affected Versions: (CPE)
- Public Exploits: 0 (Multiple Sources)
- Exploited in Wild: - (KEV)
- Decision: Track (SSVC)
Descriptions
A flaw was found in Keycloak, where it does not correctly validate its client step-up authentication in org.keycloak.authentication. This flaw allows a remote user authenticated with a password to register a false second authentication factor along with an existing one and bypass authentication.
*Credits:
Red Hat would like to thank Johannes Bergmann (Bosch) for reporting this issue.
CVSS Scores
Metric values were not captured on this page; only the metric names survive. CVSS v3.1 metrics: Attack Vector, Attack Complexity, Privileges Required, User Interaction, Scope, Confidentiality, Integrity, Availability. Second metric set (includes Authentication): Attack Vector, Attack Complexity, Authentication, Confidentiality, Integrity, Availability.
* Common Vulnerability Scoring System
SSVC
- Decision: Track
- Exploitation, Automatable, Tech. Impact: values not captured on this page
* Organization's Worst-case Scenario
Timeline
- 2023-07-10 CVE Reserved
- 2024-04-25 CVE Published
- 2024-12-27 CVE Updated
- 2025-04-15 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
CAPEC
References (5)
URL | Date | Source
---|---|---
https://access.redhat.com/errata/RHSA-2024:1867 | 2024-04-25 |
https://access.redhat.com/errata/RHSA-2024:1868 | 2024-04-25 |
https://access.redhat.com/security/cve/CVE-2023-3597 | 2024-04-16 |
https://bugzilla.redhat.com/show_bug.cgi?id=2221760 | 2024-04-16 |
https://access.redhat.com/errata/RHSA-2024:1866 | 2024-12-27 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Redhat | Build Keycloak | * | - | Affected
Redhat | Red Hat Single Sign On | * | - | Affected