Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Lifecycle Timeline
2DescriptionCVE.org
Exposed Keycloak management service in the Arqit Symmetric Key Agreement Platform enables unauthorized access to sensitive debug information such as metrics and health data. This issue affects Symmetric Key Agreement Platform: before 26.03.
AnalysisAI
Unauthenticated access to an exposed Keycloak management service in the Arqit Symmetric Key Agreement Platform allows remote attackers to read sensitive operational data including application metrics and health status without any credentials. All versions of the platform prior to 26.03 are affected. The CVSS vector (PR:N/AC:L) confirms no authentication is required and exploitation is straightforward; however, EPSS at 0.01% (1st percentile) and SSVC exploitation status of 'none' indicate no public exploit or active targeting observed at time of analysis.
Technical ContextAI
The Arqit Symmetric Key Agreement Platform (CPE: cpe:2.3:a:arqit:symmetric_key_agreement_platform:*:*:*:*:*:*:*:*) uses Keycloak as its identity and access management component. Keycloak exposes a management interface - typically including actuator-style endpoints for health checks and Prometheus-compatible metrics - that in this deployment was left network-accessible without authentication controls. CWE-749 (Exposed Dangerous Method or Function) precisely describes the root cause: a privileged management interface intended for internal operational use was made reachable to unauthenticated network actors. The tag 'Authentication Bypass' reflects the absence of access controls on this management plane, rather than a bypass of existing controls. Debug and metrics data from such endpoints can reveal internal service topology, JVM/runtime state, active session counts, and infrastructure health signals useful for reconnaissance.
RemediationAI
The primary fix is upgrading to Arqit Symmetric Key Agreement Platform version 26.03 or later, where the Keycloak management service exposure is addressed. Patch is confirmed available per vendor per EUVD-2026-30114; the exact release is version 26.03. For deployments that cannot immediately upgrade, compensating controls include: restricting network access to the Keycloak management port (typically 9990 or 8080/management context) via firewall or network policy to only trusted internal IPs or management networks - note this may impact monitoring tooling that relies on scraping those endpoints. Alternatively, configure Keycloak's management interface to require authentication via its built-in management security realm, though this configuration may differ by Keycloak version and should be validated against the platform's supported configuration. Advisory references: https://nvd.nist.gov/vuln/detail/CVE-2026-33584.
Sensitive key material disclosure in Arqit Symmetric Key Agreement Platform versions before 26.03 allows remote unauthen
Session impersonation in Arqit Symmetric Key Agreement Platform (SKA-Platform) prior to version 26.03 is enabled by impr
Same weakness CWE-749 – Exposed Dangerous Method or Function
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-30114
GHSA-7rhj-w7pg-37v4