Session Hijacking Vulnerability in Keycloak by Red Hat
CVE-2023-6787
8.8HIGH
Key Information:
- Vendor
Red Hat
- Vendor
- CVE Published:
- 25 April 2024
What is CVE-2023-6787?
A flaw in Keycloak's re-authentication mechanism can be exploited to hijack an active session. By initiating a new authentication process with the parameter 'prompt=login', users are prompted to re-enter their credentials. If a user cancels this re-authentication by selecting 'Restart login', an account takeover can occur. This is because the new session, generating a different SUB, retains the same SID as the previous session, enabling unauthorized access to the account.