ZITADEL is an open source identity management platform. Prior to 4.15.3, ZITADEL's OAuth2 Token Exchange endpoint for urn:ietf:params:oauth:grant-type:token-exchange does not verify that the subject token belongs to the requesting client or that requested scopes remain within the original token's scopes, allowing a low-privilege token to be exchanged for elevated permissions at another application. This issue is fixed in version 4.15.3.
Metrics
Affected Vendors & Products
References
History
Fri, 10 Jul 2026 19:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Zitadel
Zitadel zitadel |
|
| Vendors & Products |
Zitadel
Zitadel zitadel |
Fri, 10 Jul 2026 18:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | ZITADEL is an open source identity management platform. Prior to 4.15.3, ZITADEL's OAuth2 Token Exchange endpoint for urn:ietf:params:oauth:grant-type:token-exchange does not verify that the subject token belongs to the requesting client or that requested scopes remain within the original token's scopes, allowing a low-privilege token to be exchanged for elevated permissions at another application. This issue is fixed in version 4.15.3. | |
| Title | ZITADEL: Unauthorized Token Privilege Escalation in OAuth2 Token Exchange | |
| Weaknesses | CWE-862 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-07-10T17:46:25.937Z
Reserved: 2026-06-22T16:39:01.043Z
Link: CVE-2026-56668
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-10T19:30:04Z