CVE-2026-0871

{"id": "CVE-2026-0871", "cveTags": [], "metrics": {"ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2026-0871", "role": "CISA Coordinator", "options": [{"exploitation": "none"}, {"automatable": "no"}, {"technicalImpact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-27T16:51:23.992734Z"}}], "cvssMetricV31": [{"type": "Secondary", "source": "secalert@redhat.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.2}]}, "affected": [{"source": "secalert@redhat.com", "affectedData": [{"cpes": ["cpe:/a:redhat:build_keycloak:26.4::el9"], "vendor": "Red Hat", "product": "Red Hat build of Keycloak 26.4", "versions": [{"status": "unaffected", "version": "26.4.9-1", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhbk/keycloak-operator-bundle", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:build_keycloak:26.4::el9"], "vendor": "Red Hat", "product": "Red Hat build of Keycloak 26.4", "versions": [{"status": "unaffected", "version": "26.4-11", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhbk/keycloak-rhel9", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:build_keycloak:26.4::el9"], "vendor": "Red Hat", "product": "Red Hat build of Keycloak 26.4", "versions": [{"status": "unaffected", "version": "26.4-10", "lessThan": "*", "versionType": "rpm"}], "packageName": "rhbk/keycloak-rhel9-operator", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:build_keycloak:26.4::el9"], "vendor": "Red Hat", "product": "Red Hat build of Keycloak 26.4.9", "packageName": "rhbk/keycloak-rhel9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unaffected"}, {"cpes": ["cpe:/a:redhat:jboss_enterprise_application_platform:8"], "vendor": "Red Hat", "product": "Red Hat JBoss Enterprise Application Platform 8", "packageName": "keycloak-services", "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:jbosseapxp"], "vendor": "Red Hat", "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack", "packageName": "keycloak-services", "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:red_hat_single_sign_on:7"], "vendor": "Red Hat", "product": "Red Hat Single Sign-On 7", "packageName": "keycloak-services", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}]}], "published": "2026-02-27T08:17:09.410", "references": [{"url": "https://access.redhat.com/errata/RHSA-2026:2365", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2026:2366", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/security/cve/CVE-2026-0871", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428881", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-266"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in Keycloak. An administrator with `manage-users` permission can bypass the \"Only administrators can view\" setting for unmanaged attributes, allowing them to modify these attributes. This improper access control can lead to unauthorized changes to user profiles, even when the system is configured to restrict such modifications."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad en Keycloak. Un administrador con permiso 'manage-users' puede eludir la configuraci\u00f3n 'Solo los administradores pueden ver' para atributos no gestionados, permiti\u00e9ndoles modificar estos atributos. Este control de acceso inadecuado puede llevar a cambios no autorizados en los perfiles de usuario, incluso cuando el sistema est\u00e1 configurado para restringir dichas modificaciones."}], "lastModified": "2026-06-17T10:11:32.127", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:build_of_keycloak:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FEA48695-84DD-43C9-A163-38507A9A6582", "versionEndExcluding": "26.4.9"}, {"criteria": "cpe:2.3:a:redhat:build_of_keycloak:-:*:*:*:text-only:*:*:*", "vulnerable": true, "matchCriteriaId": "1830E455-7E11-4264-862D-05971A42D4A6"}, {"criteria": "cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1882E42C-6B1E-4E64-A8A9-28FE4DE7768E", "versionEndExcluding": "26.4.0"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}