CNNVD-202601-3434 Information

CNNVD ID

CNNVD-202601-3434

Related CVE

CVE-2025-14083

• CNNVD Published: 2026-01-21

Description (Chinese)

Keycloak是Keycloak开源的一种开源身份和访问管理解决方案。 Keycloak存在访问控制错误漏洞，该漏洞源于可能暴露后端架构和规则，可能导致访问控制不当，引发针对性攻击或权限提升。

Description (English)

Keycloak is an open-source identity and access management solution for Keycloak. Keycloak has an access control error loophole, which stems from the risk of exposing back-end structures and rules, which may lead to inappropriate access controls and lead to targeted attacks or enhanced access.

Hazard Level

Critical

Vulnerability Type

访问控制错误

Affected Vendor

Keycloak

Published

2026-01-21

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/CVE-2025-14083 https://bugzilla.redhat.com/show_bug.cgi?id=2419086