The vulnerability stems from three key flaws:

1. OrganizationAuthenticator's pre-patch logic set organization attributes during client session creation without verifying that the user was actually a member (fixed by adding an isSSOAuthentication check).
2. OrganizationMembershipMapper's resolveValue method omitted user membership validation when generating claims (fixed by adding an o.isMember(user) check).
3. TokenManager's dynamic scope resolution lacked membership verification for organization scopes (fixed by adding a resolveOrganizations check).

Together, these code paths allowed domain pattern matching to override the proper authorization checks, producing false organization claims in tokens.
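The flaw reduced to its core, as an added example that is not Keycloak's own code: the pre-patch resolver emits an organization claim whenever the user's e-mail domain matches the organization, while the patched resolver requires actual membership. Organization aliases, domains, usernames and the `organization:*` / `organization:<alias>` scope format are constructed assumptions for the illustration.

```python
# Added example: a reduced model of the organization-claim flaw, not Keycloak's code.
# Organization aliases, domains, users and the scope format are constructed here.
from dataclasses import dataclass, field
import fnmatch


@dataclass
class Organization:
    alias: str
    domains: list                              # e-mail domains the org claims
    members: set = field(default_factory=set)  # usernames actually enrolled

    def matches_domain(self, email: str) -> bool:
        domain = email.rsplit("@", 1)[-1].lower()
        return any(fnmatch.fnmatch(domain, d) for d in self.domains)

    def is_member(self, username: str) -> bool:
        return username in self.members


@dataclass
class User:
    username: str
    email: str


def requested_aliases(scopes, orgs):
    """Expand assumed 'organization:*' / 'organization:<alias>' scopes to aliases."""
    out = set()
    for s in scopes:
        if s == "organization:*":
            out.update(o.alias for o in orgs)
        elif s.startswith("organization:"):
            out.add(s.split(":", 1)[1])
    return out


def resolve_organizations_vulnerable(user, orgs, scopes):
    """Pre-patch behaviour: a domain match alone is enough to emit the claim."""
    wanted = requested_aliases(scopes, orgs)
    return {o.alias for o in orgs if o.alias in wanted and o.matches_domain(user.email)}


def resolve_organizations_fixed(user, orgs, scopes):
    """Patched behaviour: the user must really be a member (the o.isMember(user) check)."""
    wanted = requested_aliases(scopes, orgs)
    return {o.alias for o in orgs if o.alias in wanted and o.is_member(user.username)}


def organization_claim(aliases):
    """Shape the resolved aliases as the token's 'organization' claim."""
    return {"organization": {a: {} for a in sorted(aliases)}}


# Constructed sample data: alice's address matches acme's domain but she was never enrolled.
ORGS = [Organization("acme", ["acme.example"], {"bob"})]
OUTSIDER = User("alice", "alice@acme.example")
MEMBER = User("bob", "bob@acme.example")
```

Running both resolvers over the same outsider shows the difference: the vulnerable path hands out an `acme` claim on domain match alone, the fixed path returns nothing until the user is actually a member.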
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.keycloak:keycloak-services | maven | >= 26.1.0, < 26.1.3 | 26.1.3 |
| org.keycloak:keycloak-services | maven | < 26.0.10 | 26.0.10 |