CVE-2026-9705: Insufficient Session Expiration in Red Hat Red Hat Build of Keycloak
CVE-2026-9705 is a vulnerability in Red Hat Build of Keycloak's client registration service where an attacker with a previously issued Registration Access Token (RAT) can re-enable a client that an administrator disabled. This allows the attacker to reset the client's secret and potentially regain privileged API access, leading to unauthorized information disclosure and integrity compromise. The vulnerability has a medium severity with a CVSS score of 6.5. No specific affected versions or patch information are provided in the advisory.
AI Analysis
Technical Summary
This vulnerability involves insufficient session expiration in the client registration service of Red Hat Build of Keycloak. An attacker possessing a previously issued Registration Access Token (RAT) can bypass administrative controls by re-enabling a disabled client. This enables the attacker to reset the client's secret, potentially regaining privileged API access. The flaw impacts confidentiality and integrity but does not affect availability. The CVSS 3.1 vector indicates the attack is network-based, requires no privileges or user interaction, and affects an unchanged security scope.
Potential Impact
Successful exploitation can lead to unauthorized disclosure of information and compromise of data integrity by allowing an attacker to reset client secrets and regain privileged API access. There is no indication of availability impact. The vulnerability bypasses administrative controls intended to disable clients, undermining security policies.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory at https://access.redhat.com/security/cve/CVE-2026-9705 for current remediation guidance. Until a fix is available, administrators should consider revoking or rotating Registration Access Tokens and monitor client status changes closely. No official fix or temporary workaround is currently documented by Red Hat.
CVE-2026-9705: Insufficient Session Expiration in Red Hat Red Hat Build of Keycloak
Description
CVE-2026-9705 is a vulnerability in Red Hat Build of Keycloak's client registration service where an attacker with a previously issued Registration Access Token (RAT) can re-enable a client that an administrator disabled. This allows the attacker to reset the client's secret and potentially regain privileged API access, leading to unauthorized information disclosure and integrity compromise. The vulnerability has a medium severity with a CVSS score of 6.5. No specific affected versions or patch information are provided in the advisory.
CVSS v3.1
Score 6.5medium
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability involves insufficient session expiration in the client registration service of Red Hat Build of Keycloak. An attacker possessing a previously issued Registration Access Token (RAT) can bypass administrative controls by re-enabling a disabled client. This enables the attacker to reset the client's secret, potentially regaining privileged API access. The flaw impacts confidentiality and integrity but does not affect availability. The CVSS 3.1 vector indicates the attack is network-based, requires no privileges or user interaction, and affects an unchanged security scope.
Potential Impact
Successful exploitation can lead to unauthorized disclosure of information and compromise of data integrity by allowing an attacker to reset client secrets and regain privileged API access. There is no indication of availability impact. The vulnerability bypasses administrative controls intended to disable clients, undermining security policies.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory at https://access.redhat.com/security/cve/CVE-2026-9705 for current remediation guidance. Until a fix is available, administrators should consider revoking or rotating Registration Access Tokens and monitor client status changes closely. No official fix or temporary workaround is currently documented by Red Hat.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2026-05-27T12:48:48.084Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/security/cve/CVE-2026-9705","vendor":"Red Hat"}]
Threat ID: 6a3d5b514853345fc13372d5
Added to database: 06/25/2026, 16:46:09 UTC
Last enriched: 06/25/2026, 17:01:51 UTC
Last updated: 06/25/2026, 17:20:04 UTC
Views: 12
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.