A flaw was found in Keycloak. This flaw allows impersonation and lockout due to the email trust not being handled correctly in Keycloak. An attacker can shadow other users with the same email and lockout or impersonate them.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2023-01-11T20:46:51.617Z
Updated: 2024-08-02T05:02:43.468Z
Reserved: 2023-01-06T22:29:12.661Z
Link: CVE-2023-0105
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-01-13T06:15:11.983
Modified: 2023-01-23T18:31:10.593
Link: CVE-2023-0105
Redhat