CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-23367: Org.wildfly.core:wildfly-server: wildfly improper rbac permission

Description

A flaw was found in the Wildfly Server Role Based Access Control (RBAC) provider. When authorization to control management operations is secured using the Role Based Access Control provider, a user without the required privileges can suspend or resume the server. A user with a Monitor or Auditor role is supposed to have only read access permissions and should not be able to suspend the server.
The vulnerability is caused by the Suspend and Resume handlers not performing authorization checks to validate whether the current user has the required permissions to proceed with the action.

Classification

CVE ID: CVE-2025-23367

Affected Products

Vendor: Red Hat

Product: Red Hat Build of Keycloak

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 18.25% (scored less or equal to compared to others)

EPSS Date: 2025-02-28 (when was this score calculated)

References

https://access.redhat.com/security/cve/CVE-2025-23367
https://bugzilla.redhat.com/show_bug.cgi?id=2337620

Timeline

2025-01-30 18:15:25 UTC
Github Advisory Database (Maven)

[org.wildfly:wildfly-server] Wildfly Server Role Based Access Control (RBAC) provider has Improper Access Control
2025-01-31 00:30:22 UTC
CVE

Org.wildfly.core:wildfly-server: wildfly improper rbac permission
2025-01-31 18:15:18 UTC
Github Advisory Database (Maven)

[org.wildfly.core:wildfly-server] WildFly improper RBAC permission