{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-11577", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2026-06-08T11:34:22.437Z", "datePublished": "2026-06-08T11:44:41.892Z", "dateUpdated": "2026-06-08T11:44:41.892Z"}, "containers": {"cna": {"title": "Keycloak: keycloak: privilege escalation via partialimport fgap permission bypass", "metrics": [{"other": {"content": {"value": "Important", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A flaw was found in Keycloak. A limited administrator can exploit an improper access control vulnerability in the POST /admin/realms/{realm}/partialImport endpoint. This allows them to bypass Fine-Grained Admin Permissions (FGAP) and escalate their privileges to a full realm administrator by importing users with realm-admin role mappings."}], "affected": [{"vendor": "Red Hat", "product": "Red Hat Build of Keycloak", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "keycloak-services", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:build_keycloak:"]}, {"vendor": "Red Hat", "product": "Red Hat Data Grid 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "keycloak-services", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:jboss_data_grid:8"]}, {"vendor": "Red Hat", "product": "Red Hat JBoss Enterprise Application Platform 8", "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", "packageName": "keycloak-services", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:jboss_enterprise_application_platform:8"]}, {"vendor": "Red Hat", "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack", "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", "packageName": "keycloak-services", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:jbosseapxp"]}, {"vendor": "Red Hat", "product": "Red Hat Single Sign-On 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "keycloak-services", "defaultStatus": "unknown", "cpes": ["cpe:/a:redhat:red_hat_single_sign_on:7"]}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2026-11577", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2459993", "name": "RHBZ#2459993", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://github.com/keycloak/keycloak/issues/9387"}], "datePublic": "2026-06-08T00:00:00.000Z", "problemTypes": [{"descriptions": [{"cweId": "CWE-863", "description": "Incorrect Authorization", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-863: Incorrect Authorization", "workarounds": [{"lang": "en", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}], "timeline": [{"lang": "en", "time": "2026-04-18T00:00:00.000Z", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2026-06-08T00:00:00.000Z", "value": "Made public."}], "credits": [{"lang": "en", "value": "Red Hat would like to thank Andrii Ilin (10Guards) for reporting this issue."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2026-06-08T11:44:41.892Z"}, "x_generator": {"engine": "cvelib 1.8.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in Keycloak. A limited administrator can exploit an improper access control vulnerability in the POST /admin/realms/{realm}/partialImport endpoint. This allows them to bypass Fine-Grained Admin Permissions (FGAP) and escalate their privileges to a full realm administrator by importing users with realm-admin role mappings."}], "id": "CVE-2026-11577", "lastModified": "2026-06-08T13:16:32.943", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "secalert@redhat.com", "type": "Primary"}]}, "published": "2026-06-08T13:16:32.943", "references": [{"source": "secalert@redhat.com", "url": "https://access.redhat.com/security/cve/CVE-2026-11577"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2459993"}, {"source": "secalert@redhat.com", "url": "https://github.com/keycloak/keycloak/issues/9387"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "secalert@redhat.com", "type": "Primary"}]}

{}

{}