CVE-2020-27826: 
Java vulnerability analysis and mitigation

A vulnerability was discovered in Keycloak versions prior to 12.0.0, identified as CVE-2020-27826. The flaw allows users to update their metadata attributes through the Account REST API, enabling potential impersonation of admin users for specific applications. The vulnerability was reported on October 27, 2020, and was addressed with the release of Keycloak 12.0.0 (MITRE CVE, NVD).

The vulnerability has been assigned a CVSS v3.1 base score of 4.2 (Medium) with the vector string CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N. The flaw specifically relates to the Account REST API's ability to modify user metadata attributes, including the NameID attribute, which can be exploited for admin impersonation. The vulnerability is classified under CWE-250 (Execution with Unnecessary Privileges) (NVD).

The vulnerability allows authenticated users to modify their own NameID attribute, potentially enabling them to impersonate administrative users for specific applications. This could lead to unauthorized access and privilege escalation within affected systems (Red Hat Bugzilla).

The vulnerability was addressed in Keycloak version 12.0.0. Red Hat released security updates for affected versions of Red Hat Single Sign-On 7.4, including versions for RHEL 6, 7, and 8 through security advisories RHSA-2020:5526, RHSA-2020:5527, and RHSA-2020:5528 (Red Hat Advisory).