Description
A flaw was found in Keycloak’s WebAuthn registration component. This vulnerability allows an attacker to bypass the configured attestation policy and register untrusted or forged authenticators via submission of an attestation object with fmt: "none", even when the realm is configured to require direct attestation. This can lead to weakened authentication integrity and unauthorized authenticator registration.
CVSS Metrics
- Vector
- CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
- Attack Vector
- network
- Complexity
- high
- Privileges
- none
- User Action
- required
- Scope
- unchanged
- Confidentiality
- none
- Integrity
- low
- Availability
- none
- Weaknesses
- CWE-347
Metadata
- Primary Vendor
- REDHAT
- Published
- 2/27/2026
- Last Modified
- 3/5/2026
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
redhat : build_of_keycloakredhat : build_of_keycloakredhat : keycloak
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.