CVE-2025-7784 | THREATINT

Description

A flaw was found in the Keycloak identity and access management system when Fine-Grained Admin Permissions(FGAPv2) are enabled. An administrative user with the manage-users role can escalate their privileges to realm-admin due to improper privilege enforcement. This vulnerability allows unauthorized elevation of access rights, compromising the intended separation of administrative duties and posing a security risk to the realm.

PUBLISHED Reserved 2025-07-18 | Published 2025-07-18 | Updated 2026-05-06 | Assigner redhat

MEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

Problem types

Improper Privilege Management

Product status

Default status

unaffected

Any version before 26.2.6

affected

Default status

unaffected

Default status

affected

26.2.6-1 (rpm) before *

unaffected

Default status

affected

26.2-6 (rpm) before *

unaffected

Default status

affected

26.2-6 (rpm) before *

unaffected

Default status

unaffected

Default status

unaffected

Default status

unaffected

Timeline

2025-07-18:	Reported to Red Hat.
2025-07-18:	Made public.

Credits

Red Hat would like to thank Patrick Kutz for reporting this issue.

References

access.redhat.com/errata/RHSA-2025:12015 (RHSA-2025:12015) vendor-advisory

access.redhat.com/errata/RHSA-2025:12016 (RHSA-2025:12016) vendor-advisory

access.redhat.com/security/cve/CVE-2025-7784 vdb-entry

bugzilla.redhat.com/show_bug.cgi?id=2381861 (RHBZ#2381861) issue-tracking

github.com/keycloak/keycloak/issues/39956

cve.org (CVE-2025-7784)

nvd.nist.gov (CVE-2025-7784)

Download JSON

help @ threatint.eu