CVE-2023-0105

Improper Authentication in maven/org.keycloak/keycloak-parent

Identifiers

CVE-2023-0105

Package Slug

maven/org.keycloak/keycloak-parent

Vulnerability

Improper Authentication

Description

A flaw was found in Keycloak. This flaw allows impersonation and lockout due to the email trust not being handled correctly in Keycloak. An attacker can shadow other users with the same email and lockout or impersonate them.

Affected Versions

All versions

Solution

Unfortunately, there is no solution available yet.

Last Modified

2023-01-25

source