Security Advisory

CVE-2024-3656

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-09 18:59:11

Last updated 2025-11-20 07:13:33

Assigner redhat

State PUBLISHED

Description

A flaw was found in Keycloak. Certain endpoints in Keycloaks admin REST API allow low-privilege users to access administrative functionalities. This flaw allows users to perform actions reserved for administrators, potentially leading to data breaches or system compromise.

← Browse all CVEs View on cve.org ↗