CVE-2025-9162

A flaw was found in org.keycloak/keycloak-model-storage-service. The KeycloakRealmImport custom resource substitutes placeholders within imported realm documents, potentially referencing environment variables. This substitution process allows for injection attacks when crafted realm documents are processed. An attacker can leverage this to inject malicious content during the realm import procedure. This can lead to unintended consequences within the Keycloak environment.

CVSS v3 4.9 MEDIUM

4.9^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/errata/RHSA-2025:15336
https://access.redhat.com/errata/RHSA-2025:15337
https://access.redhat.com/errata/RHSA-2025:15338
https://access.redhat.com/errata/RHSA-2025:15339
https://access.redhat.com/errata/RHSA-2025:16399
https://access.redhat.com/errata/RHSA-2025:16400
https://access.redhat.com/security/cve/CVE-2025-9162
https://bugzilla.redhat.com/show_bug.cgi?id=2389396

Configurations

No configuration.

History

No history.

Information

Published : 2025-08-21 16:15

Updated : 2025-09-22 16:15

NVD link : CVE-2025-9162

Mitre link : CVE-2025-9162

CVE.ORG link : CVE-2025-9162

JSON object : View

Products Affected

No product.

CWE

CWE-526

Cleartext Storage of Sensitive Information in an Environment Variable

{"id": "CVE-2025-9162", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.2}]}, "published": "2025-08-21T16:15:35.067", "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:15336", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:15337", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:15338", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:15339", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:16399", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:16400", "source": "[email protected]"}, {"url": "https://access.redhat.com/security/cve/CVE-2025-9162", "source": "[email protected]"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389396", "source": "[email protected]"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-526"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in org.keycloak/keycloak-model-storage-service. The KeycloakRealmImport custom resource substitutes placeholders within imported realm documents, potentially referencing environment variables. This substitution process\nallows for injection attacks when crafted realm documents are processed. An attacker can leverage this to inject malicious content during the realm import procedure. This can lead to unintended consequences within the Keycloak environment."}, {"lang": "es", "value": "Se encontr\u00f3 una falla en org.keycloak/keycloak-model-storage-service. El recurso personalizado KeycloakRealmImport sustituye marcadores de posici\u00f3n dentro de los documentos de dominio importados, lo que podr\u00eda hacer referencia a variables de entorno. Este proceso de sustituci\u00f3n permite ataques de inyecci\u00f3n al procesar documentos de dominio manipulados. Un atacante puede aprovechar esto para inyectar contenido malicioso durante el proceso de importaci\u00f3n del dominio. Esto puede tener consecuencias imprevistas en el entorno de Keycloak."}], "lastModified": "2025-09-22T16:15:46.420", "sourceIdentifier": "[email protected]"}