CVE-2025-14082
BaseFortify
Publication date: 2025-12-10
Last updated on: 2026-04-02
Assigner: Red Hat, Inc.
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: | |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| keycloak | keycloak | 3.1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a flaw in the Keycloak Admin REST API that allows unauthorized disclosure of sensitive role metadata. It occurs because the /admin/realms/{realm}/roles endpoint does not properly enforce authorization checks, potentially exposing sensitive information about roles to users who should not have access.
How can this vulnerability impact me?
The impact of this vulnerability is information disclosure of sensitive role metadata. This could allow an attacker or unauthorized user to gain insights into role configurations and permissions within Keycloak, potentially aiding further attacks or unauthorized access attempts. However, the vulnerability does not affect integrity or availability.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to access the /admin/realms/{realm}/roles endpoint of the Keycloak Admin REST API as a user who holds only the role_query-groups permission. If that user can retrieve the complete list of realm roles, including sensitive metadata, the system is vulnerable. One way to test this is to query the endpoint with curl and a valid token, for example: curl -H "Authorization: Bearer <token>" https://<keycloak-server>/admin/realms/<realm>/roles. If the response includes sensitive role metadata, the vulnerability is present. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the /admin/realms/{realm}/roles endpoint to only fully authorized users, reviewing and tightening the permissions assigned to users with the role_query-groups permission, and monitoring API access logs for suspicious activity. Additionally, applying any available patches or updates from Keycloak or your vendor addressing this vulnerability is recommended. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided information does not specify how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.