CVE-2025-23367 | Red Hat Build of Keycloak Wildfly Server Role Based Access Control Provider access control

A vulnerability classified as critical was found in Red Hat Build of Keycloak, Data Grid, Fuse, JBoss Data Grid, JBoss Enterprise Application Platform, JBoss Enterprise Application Platform Expansion Pack, Process Automation and Single Sign-On. Affected by this vulnerability is an unknown functionality of the component Wildfly Server Role Based Access Control Provider. The manipulation leads to improper access controls.

This vulnerability is known as CVE-2025-23367. The attack can be launched remotely. There is no exploit available.

CVE-2025-23367 | Red Hat Build of Keycloak Wildfly Server Role Based Access Control Provider access control

Related Posts

CVE-2023-49087 | SimpleSAMLphp saml2/xml-security XML Signature unknown vulnerability

CVE-2024-24335 | RT-Thread up to 5.0.2 dfs_v2 heap-based overflow (Issue 8271)

CVE-2023-6913 | Imou Life app up to 4.0.0-beta.10 HTTP Request xml external entity reference

CVE-2024-8645 | Wireshark up to 4.0.15/4.2.5 SPRT Dissector uninitialized pointer (ID 19559)