Vulnerability CVE-2023-6484
Published: 2024-04-25

Description:
A log injection flaw was found in Keycloak. A text string may be injected through the authentication form when using the WebAuthn authentication mode. This issue may have a minor impact to the logs integrity.

Type:

CWE-117

 (Improper Output Neutralization for Logs)

 References:
https://access.redhat.com/errata/RHSA-2024:0798
https://access.redhat.com/errata/RHSA-2024:0799
https://access.redhat.com/errata/RHSA-2024:0800
https://access.redhat.com/errata/RHSA-2024:0801
https://access.redhat.com/errata/RHSA-2024:0804
https://access.redhat.com/errata/RHSA-2024:1860
https://access.redhat.com/errata/RHSA-2024:1861
https://access.redhat.com/errata/RHSA-2024:1862
https://access.redhat.com/errata/RHSA-2024:1864
https://access.redhat.com/errata/RHSA-2024:1865
https://access.redhat.com/errata/RHSA-2024:1866
https://access.redhat.com/errata/RHSA-2024:1867
https://access.redhat.com/errata/RHSA-2024:1868
https://access.redhat.com/security/cve/CVE-2023-6484
https://bugzilla.redhat.com/show_bug.cgi?id=2248423
Copyright 2024, cxsecurity.com

 

Back to Top