CVE-2025-0604

MEDIUM

Keycloak LDAP Federation >=26.1.0 <26.1.3 - Authentication Bypass via Password Reset

Title source: llm

Description

A flaw was found in Keycloak. When an Active Directory user resets their password, the system updates it without performing an LDAP bind to validate the new credentials against AD. This vulnerability allows users whose AD accounts are expired or disabled to regain access in Keycloak, bypassing AD restrictions. The issue enables authentication bypass and could allow unauthorized access under certain conditions.

References (4)

Core 4

Core References

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:2544

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:2545

Vendor Advisory vdb-entry x_refsource_redhat

https://access.redhat.com/security/cve/CVE-2025-0604

Issue Tracking issue-tracking x_refsource_redhat

https://bugzilla.redhat.com/show_bug.cgi?id=2338993

Scores

CVSS v3 5.4

EPSS 0.0005

EPSS Percentile 14.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-287

Status published

Products (6)

org.keycloak/keycloak-ldap-federation 26.1.0 - 26.1.3Maven

Red Hat/Red Hat Build of Keycloak

Red Hat/Red Hat build of Keycloak 26.0 26.0-11

Red Hat/Red Hat build of Keycloak 26.0 26.0-12

Red Hat/Red Hat build of Keycloak 26.0 26.0.10-3

Red Hat/Red Hat Single Sign-On 7

Published Jan 22, 2025

Tracked Since Feb 18, 2026