Keycloak /admin/serverinfo Info Disclosure via Authenticated Access
CVE-2025-5416 Published on June 20, 2025

Keycloak-core: keycloak environment information
A vulnerability has been identified in Keycloak that could lead to unauthorized information disclosure. While it requires an already authenticated user, the /admin/serverinfo endpoint can inadvertently provide sensitive environment information.

NVD

Vulnerability Analysis

CVE-2025-5416 is exploitable with network access, and requires user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity and availability.

Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
HIGH
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
LOW
Integrity Impact:
NONE
Availability Impact:
NONE

Timeline

Reported to Red Hat.

Made public. 19 days later.

Weakness Type

Exposure of Sensitive System Information to an Unauthorized Control Sphere

The application does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the application does.


Products Associated with CVE-2025-5416

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2025-5416 are published in these products:

Red Hat Keycloak
 
Red Hat Build Keycloak
 

Affected Versions

Red Hat Build of Keycloak:

Exploit Probability

EPSS
0.03%
Percentile
9.19%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.