CVE-2025-7784: Improper Privilege Management in Red Hat Red Hat Build of Keycloak
Description
A flaw was found in the Keycloak identity and access management system when Fine-Grained Admin Permissions (FGAPv2) are enabled. An administrative user with the manage-users role can escalate their privileges to realm-admin due to improper privilege enforcement. This vulnerability allows unauthorized elevation of access rights, compromising the intended separation of administrative duties and posing a security risk to the realm.
Technical Details
- Data Version: 5.1
- Assigner Short Name: redhat
- Date Reserved: 2025-07-18T06:05:57.305Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 687a53a7a83201eaacf41efa
Added to database: 7/18/2025, 2:01:11 PM
Last updated: 7/18/2025, 2:01:11 PM