CNNVD-202507-2437 Information

CNNVD ID

CNNVD-202507-2437

Related CVE

CVE-2025-7784

• CNNVD Published: 2025-07-18

Description (Chinese)

Keycloak是Keycloak开源的一种开源身份和访问管理解决方案。 Keycloak存在安全漏洞，该漏洞源于权限执行不当，可能导致管理用户权限提升。

Description (English)

Keycloak is an open-source identity and access management solution for Keycloak. There is a security loophole in Keycloak, which stems from the improper implementation of privileges, which may lead to the management of user privileges.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Keycloak

Published

2025-07-18

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/CVE-2025-7784 https://bugzilla.redhat.com/show_bug.cgi?id=2381861 https://vigilance.fr/vulnerability/Keycloak-privilege-escalation-via-Admin-Console-47759

Patch

https://www.keycloak.org/downloads