Vulnerability Details : CVE-2022-3916
A flaw was found in the handling of the offline_access scope in Keycloak. Because the root session is not validated and session ids are reused across root and user authentication sessions, an attacker can resolve a user session attached to a previously authenticated user; when that session's refresh token is used, Keycloak issues a token for the original user. The issue mainly affects users of shared computers, especially when cookies are not cleared between users.
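The practical consequence of the description above is that a refresh response can carry a different principal than the one that logged in. Until the fixed builds listed below are deployed, a relying party can at least refuse such a response. The following is an added example (not code from this page, from Keycloak, or from Red Hat): it reads the identity claims of the access token obtained at login and of the one returned by the refresh, and rejects the refresh when `sub` changes or when the Keycloak session claims (`sid`, `session_state`) disagree. The sample tokens are constructed here, unsigned, and exist only to exercise the check; the claim names are Keycloak's usual ones.

```python
"""Client-side guard: a token refresh must not change who the user is.

Added example, not Keycloak code. Claims are read WITHOUT signature
verification here, so this is a consistency check on top of the normal
JWT validation (issuer, audience, signature, expiry), not a replacement.
"""
import base64
import json


def _b64url_decode(segment: str) -> bytes:
    # JWT segments drop base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def jwt_claims(token: str) -> dict:
    """Return the payload claims of a compact-serialised JWT (no signature check)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected a compact JWS with three segments")
    return json.loads(_b64url_decode(parts[1]))


def refresh_keeps_principal(login_token: str, refreshed_token: str) -> bool:
    """True only if the refreshed token still names the user and session that
    logged in: `sub` must match, and `sid` / `session_state` must match
    whenever both tokens carry them (Keycloak emits both claims)."""
    before = jwt_claims(login_token)
    after = jwt_claims(refreshed_token)
    if "sub" not in before or before["sub"] != after.get("sub"):
        return False
    for claim in ("sid", "session_state"):
        if claim in before and claim in after and before[claim] != after[claim]:
            return False
    return True


def unsigned_token(claims: dict) -> str:
    """Constructed sample token for this example only (alg none, empty
    signature). A real Keycloak token is signed and must be verified."""
    def enc(obj) -> str:
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).decode().rstrip("=")
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}."


# Constructed scenario: alice logs in with offline_access on a shared browser;
# a later refresh comes back minted for bob's earlier session instead.
ALICE_LOGIN = unsigned_token({
    "sub": "alice-uuid", "sid": "sess-a", "session_state": "sess-a",
    "scope": "openid offline_access",
})
ALICE_REFRESHED_OK = unsigned_token({"sub": "alice-uuid", "sid": "sess-a", "session_state": "sess-a"})
BOB_REFRESHED = unsigned_token({"sub": "bob-uuid", "sid": "sess-b", "session_state": "sess-b"})

if __name__ == "__main__":
    print("same user after refresh:", refresh_keeps_principal(ALICE_LOGIN, ALICE_REFRESHED_OK))
    print("other user after refresh:", refresh_keeps_principal(ALICE_LOGIN, BOB_REFRESHED))
```

Place the check in the code path that handles the token endpoint's refresh response; when it returns False, discard both tokens and force a fresh login rather than retrying. This guards the client, it does not fix the server: applying the advisories below remains the remediation.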
Products affected by CVE-2022-3916
- cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openshift_container_platform:4.10:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openshift_container_platform:4.9:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:single_sign-on:-:*:*:*:text-only:*:*:*
- cpe:2.3:a:redhat:single_sign-on:7.6:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.10:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.9:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openshift_container_platform_for_power:4.10:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openshift_container_platform_for_power:4.9:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openshift_container_platform_ibm_z_systems:4.10:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openshift_container_platform_ibm_z_systems:4.9:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-3916
- EPSS score: 0.23% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~61% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2022-3916
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
6.8 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N | 1.6 | 5.2 | NIST |
6.8 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N | 1.6 | 5.2 | Red Hat, Inc. |
CWE ids for CVE-2022-3916
- Insufficient Session Expiration. According to WASC, "Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization." Assigned by: nvd@nist.gov (Primary)
References for CVE-2022-3916
- https://access.redhat.com/errata/RHSA-2022:8961
  RHSA-2022:8961 - Security Advisory - Red Hat Customer Portal [Vendor Advisory]
- https://access.redhat.com/errata/RHSA-2023:1044
  RHSA-2023:1044 - Security Advisory - Red Hat Customer Portal [Vendor Advisory]
- https://access.redhat.com/errata/RHSA-2023:1045
  RHSA-2023:1045 - Security Advisory - Red Hat Customer Portal [Vendor Advisory]
- https://access.redhat.com/errata/RHSA-2022:8962
  RHSA-2022:8962 - Security Advisory - Red Hat Customer Portal [Vendor Advisory]
- https://access.redhat.com/errata/RHSA-2023:1043
  RHSA-2023:1043 - Security Advisory - Red Hat Customer Portal [Vendor Advisory]
- https://access.redhat.com/errata/RHSA-2022:8963
  RHSA-2022:8963 - Security Advisory - Red Hat Customer Portal [Vendor Advisory]
- https://access.redhat.com/errata/RHSA-2023:1047
  RHSA-2023:1047 - Security Advisory - Red Hat Customer Portal [Vendor Advisory]
- https://access.redhat.com/errata/RHSA-2022:8964
  RHSA-2022:8964 - Security Advisory - Red Hat Customer Portal [Vendor Advisory]
- https://access.redhat.com/errata/RHSA-2023:1049
  RHSA-2023:1049 - Security Advisory - Red Hat Customer Portal [Vendor Advisory]
- https://access.redhat.com/security/cve/CVE-2022-3916
  CVE-2022-3916 - Red Hat Customer Portal [Vendor Advisory]
- https://bugzilla.redhat.com/show_bug.cgi?id=2141404
  2141404 - (CVE-2022-3916) CVE-2022-3916 keycloak: Session takeover with OIDC offline refreshtokens [Issue Tracking; Vendor Advisory]
- https://access.redhat.com/errata/RHSA-2022:8965
  RHSA-2022:8965 - Security Advisory - Red Hat Customer Portal [Vendor Advisory]