Search for vulnerabilities
Vulnerability details: VCID-g4dm-rd3v-tbcp
Vulnerability ID VCID-g4dm-rd3v-tbcp
Aliases CVE-2022-1245
GHSA-75p6-52g3-rqc8
GMS-2022-1039
Summary Keycloak vulnerable to privilege escalation on Token Exchange feature A privilege escalation flaw was found in the token exchange feature of keycloak. Missing authorization allows a client application holding a valid access token to exchange tokens for any target client by passing the client_id of the target. This could allow a client to gain unauthorized access to additional services.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (5)
CWE-639 Authorization Bypass Through User-Controlled Key
CWE-862 Missing Authorization
CWE-863 Incorrect Authorization
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
cvssv3 8.0 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1245.json
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2022-1245
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2022-1245
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2022-1245
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2022-1245
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2022-1245
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2022-1245
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2022-1245
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2022-1245
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2022-1245
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2022-1245
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2022-1245
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2022-1245
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2022-1245
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2022-1245
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2022-1245
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2022-1245
epss 0.00396 https://api.first.org/data/v1/epss?cve=CVE-2022-1245
cvssv3.1_qr CRITICAL https://github.com/advisories/GHSA-75p6-52g3-rqc8
cvssv3.1 9.8 https://github.com/keycloak/keycloak
generic_textual CRITICAL https://github.com/keycloak/keycloak
cvssv3.1 9.8 https://github.com/keycloak/keycloak/commit/76d83f46fad94ebcbedaa49e6daad458e2894e52
generic_textual CRITICAL https://github.com/keycloak/keycloak/commit/76d83f46fad94ebcbedaa49e6daad458e2894e52
cvssv3.1 9.8 https://github.com/keycloak/keycloak/security/advisories/GHSA-75p6-52g3-rqc8
cvssv3.1_qr CRITICAL https://github.com/keycloak/keycloak/security/advisories/GHSA-75p6-52g3-rqc8
generic_textual CRITICAL https://github.com/keycloak/keycloak/security/advisories/GHSA-75p6-52g3-rqc8
cvssv2 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-1245
cvssv3.1 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-1245
generic_textual CRITICAL https://nvd.nist.gov/vuln/detail/CVE-2022-1245
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1245.json
https://api.first.org/data/v1/epss?cve=CVE-2022-1245
https://github.com/keycloak/keycloak
https://github.com/keycloak/keycloak/commit/76d83f46fad94ebcbedaa49e6daad458e2894e52
https://github.com/keycloak/keycloak/security/advisories/GHSA-75p6-52g3-rqc8
https://nvd.nist.gov/vuln/detail/CVE-2022-1245
2071036 https://bugzilla.redhat.com/show_bug.cgi?id=2071036
cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:*
GHSA-75p6-52g3-rqc8 https://github.com/advisories/GHSA-75p6-52g3-rqc8
RHSA-2022:1709 https://access.redhat.com/errata/RHSA-2022:1709
RHSA-2022:1711 https://access.redhat.com/errata/RHSA-2022:1711
RHSA-2022:1712 https://access.redhat.com/errata/RHSA-2022:1712
RHSA-2022:1713 https://access.redhat.com/errata/RHSA-2022:1713
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1245.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/keycloak/keycloak
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/keycloak/keycloak/commit/76d83f46fad94ebcbedaa49e6daad458e2894e52
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/keycloak/keycloak/security/advisories/GHSA-75p6-52g3-rqc8
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2022-1245
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-1245
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.59631
EPSS Score 0.00396
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:59:27.723353+00:00 GithubOSV Importer Import https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/04/GHSA-75p6-52g3-rqc8/GHSA-75p6-52g3-rqc8.json 37.0.0