CVE-2023-0091

LOW

3.8CVSS v3

—CVSS v2

0.29% EPSS (exploit probability)

CWE-863CWE

Description

A flaw was found in Keycloak, where it did not properly check client tokens for possible revocation in its client credential flow. This flaw allows an attacker to access or modify potentially sensitive information.

CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

Affected routers (0)

No routers currently mapped to this CVE in our database.

External references

NIST NVD
MITRE CVE