0
CVE-2026-11577
- EPSS 0.33%
- Veröffentlicht 08.06.2026 11:44:41
- Zuletzt bearbeitet 03.07.2026 10:16:22
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Rejected reason: The reported behavior does not constitute a privilege escalation. Exploitation requires the attacker to already possess the manage-realm administrative role within the realm-management client. By design, the manage-realm role is intended to be equivalent in administrative authority to realm-admin. A user with manage-realm already has full administrative control over the realm. Therefore, importing users with realm-admin role mappings through POST /admin/realms/{realm}/partialImport does not grant any additional privileges beyond those already held by the administrator and does not represent a security vulnerability.Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.33% | 0.247 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|