CVE-2021-3754

MEDIUM

Keycloak - Improper Input Validation in Username Registration

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-3754. PoCs published by 7Ragnarok7.

AI-analyzed exploit summary: This repository provides a detailed technical analysis of CVE-2021-3754, an improper input validation flaw in Apache Keycloak and Red Hat SSO. The vulnerability allows an attacker to register with a username matching an existing user's email, potentially locking them out of their account.

Description

A flaw was found in Keycloak where an attacker is able to register with a username identical to the email address of any existing user. This may prevent that user from receiving the password recovery email if they forget their password.

Exploits (1)

nomisec · writeup · 1 star
by 7Ragnarok7 · poc
https://github.com/7Ragnarok7/CVE-2021-3754

Classification: Writeup (90%)
Attack Type: Auth Bypass
Complexity: Trivial
Reliability: Reliable
Target: Apache Keycloak, Red Hat SSO
No auth needed
Prerequisites: Access to the registration endpoint of the affected software
Analyzed by devstral-2 on Feb 18, 2026

References (2)

Core references:
Issue Tracking, Vendor Advisory (x_refsource_misc): https://bugzilla.redhat.com/show_bug.cgi?id=1999196
Vendor Advisory (x_refsource_misc): https://access.redhat.com/security/cve/CVE-2021-3754

Scores

CVSS v3: 5.3
EPSS: 0.1232
EPSS Percentile: 94.1%
Attack Vector: NETWORK
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Details

CWE: CWE-20
Status: published
Products (3):
org.keycloak/keycloak-services (Maven), versions 0 - 24.0.1
redhat/keycloak
redhat/single_sign-on 7.0
Published: Aug 26, 2022
Tracked since: Feb 18, 2026