CNNVD-202506-2558 Information

CNNVD ID

CNNVD-202506-2558

CVE-2025-5416

  • CNNVD Published: 2025-06-19

Description (Chinese)

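Red Hat build of Keycloak is a web application for single sign-on from the US company Red Hat. Red Hat build of Keycloak contains a security vulnerability that stems from the /admin/serverinfo endpoint containing internal server details. When an authenticated user attempts to access the endpoint directly, a 401 Unauthorized error is returned, which may lead to information disclosure.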

Description (English)

Red Hat build of Keycloak is a web application for single sign-on by Red Hat. Red Hat build of Keycloak has a security vulnerability that originates from the /admin/serverinfo endpoint, which contains internal server details: when an authenticated user attempts to access the endpoint directly, it returns a 401 Unauthorized error, which may lead to the disclosure of information.

Hazard Level

Critical

Vulnerability Type

Other

Affected Vendor

Red Hat

Published

2025-06-19

Last Modified

2026-02-24

References

  • https://bugzilla.redhat.com/show_bug.cgi?id=2369601
  • https://access.redhat.com/security/cve/CVE-2025-5416
  • https://access.redhat.com/security/cve/cve-2025-5416
