CVE-2026-3121

MEDIUM

Keycloak: org.keycloak/keycloak-services: keycloak: privilege escalation via manage-clients permission

Title source: cna
STIX 2.1

Description

A flaw was found in Keycloak. An administrator with `manage-clients` permission can exploit a misconfiguration where this permission is equivalent to `manage-permissions`. This allows the administrator to escalate privileges and gain control over roles, users, or other administrative functions within the realm. This privilege escalation can occur when admin permissions are enabled at the realm level.

References (4)

Core 4
Core References
Vdb Entry, X_Refsource_Redhat vdb-entry x_refsource_redhat
https://access.redhat.com/security/cve/CVE-2026-3121
Issue Tracking, X_Refsource_Redhat issue-tracking x_refsource_redhat
RHBZ#2442277
https://bugzilla.redhat.com/show_bug.cgi?id=2442277
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:6477
https://access.redhat.com/errata/RHSA-2026:6477
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:6478
https://access.redhat.com/errata/RHSA-2026:6478

Scores

CVSS v3 6.5
EPSS 0.0047
EPSS Percentile 36.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-266
Status published
Products (12)
org.keycloak/keycloak-services 0 - 26.5.6Maven
Red Hat/Red Hat Build of Keycloak
Red Hat/Red Hat build of Keycloak 26.4 26.4-14
Red Hat/Red Hat build of Keycloak 26.4 26.4.11-1
Red Hat/Red Hat build of Keycloak 26.4.11
Red Hat/Red Hat JBoss Enterprise Application Platform 8
Red Hat/Red Hat JBoss Enterprise Application Platform Expansion Pack
Red Hat/Red Hat Single Sign-On 7
redhat/build_of_keycloak
redhat/jboss_enterprise_application_platform 8.0.0
... and 2 more
Published Mar 26, 2026
Tracked Since Mar 27, 2026