6.5
CVE-2026-9792
- EPSS 0.27%
- Veröffentlicht 28.05.2026 03:44:18
- Zuletzt bearbeitet 26.06.2026 08:16:27
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Keycloak: keycloak: security restriction bypass allows unauthorized ropc token acquisition
A flaw was found in Keycloak's Client Policies, specifically within the `org.keycloak.protocol.oidc` component. When certain condition providers (client-type, client-roles, client-attributes, client-scopes) are used to enforce security restrictions, the `reject-ropc-grant` executor is silently bypassed. This allows an unauthenticated remote attacker to obtain tokens via a Resource Owner Password Credentials (ROPC) grant, even when a policy is explicitly configured to block it. This bypass can lead to unauthorized access and information disclosure.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Build Of Keycloak Version- SwEdition-
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.27% | 0.183 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secalert@redhat.com | 6.5 | 3.9 | 2.5 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
|
CWE-280 Improper Handling of Insufficient Permissions or Privileges
The product does not handle or incorrectly handles when it has insufficient privileges to access resources or functionality as specified by their permissions. This may cause it to follow unexpected code paths that may leave the product in an invalid state.
https://access.redhat.com/security/cve/CVE-2026-9792
https://bugzilla.redhat.com/show_bug.cgi?id=2482459
https://access.redhat.com/errata/RHSA-2026:25098
https://access.redhat.com/errata/RHSA-2026:25097
https://access.redhat.com/errata/RHSA-2026:30049
https://access.redhat.com/errata/RHSA-2026:30050