A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2023-01-11T20:44:07.553Z

Updated: 2024-08-02T05:02:43.399Z

Reserved: 2023-01-05T20:27:38.369Z

Link: CVE-2023-0091

Vulnrichment

No data.

NVD

Status: Analyzed

Published: 2023-01-13T06:15:11.930

Modified: 2023-02-22T17:07:37.597

Link: CVE-2023-0091

Red Hat

Severity: Low

Public Date: 2022-10-28T00:00:00Z

Links: CVE-2023-0091 - Bugzilla