Keycloak Admin REST API Improper Access Control Vulnerability Allowing Information Disclosure

Vulnerability

An improper access control vulnerability has been identified in the Keycloak Admin REST API. It allows a low-privileged user with the 'create-client' permission to read internal user profile schema data through the /admin/realms/master/users/profile endpoint. The exposed data includes attribute names, validation rules, display metadata, and permission mappings. The flaw does not by itself compromise user accounts or system integrity, but the disclosed schema information could be leveraged for targeted attacks or privilege escalation.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive user profile schema data, which could be used to conduct targeted attacks or escalate privileges within the application.
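A post-remediation check a Keycloak operator can run to confirm that a 'create-client' account is denied on the endpoint named above. This is an added example, not Keycloak project code; the base URL, the test account credentials and the use of the built-in admin-cli public client are assumptions, and the HTTP transport is injectable so the verdict logic can be exercised offline.

```python
"""Regression check for the Keycloak users/profile access-control issue (added example)."""
import json
import urllib.error
import urllib.parse
import urllib.request

KEYCLOAK_URL = "https://keycloak.example.invalid"   # placeholder, not a real host
REALM = "master"
PROFILE_PATH = f"/admin/realms/{REALM}/users/profile"  # endpoint from the advisory


def password_grant_token(username, password, client_id="admin-cli"):
    """Obtain an access token for the low-privileged test account (assumed to hold
    only 'create-client'); uses the standard password grant on the realm token endpoint."""
    body = urllib.parse.urlencode({
        "grant_type": "password", "client_id": client_id,
        "username": username, "password": password,
    }).encode()
    url = f"{KEYCLOAK_URL}/realms/{REALM}/protocol/openid-connect/token"
    with urllib.request.urlopen(urllib.request.Request(url, data=body)) as resp:
        return json.load(resp)["access_token"]


def http_get_status(path, token):
    """Real transport: return the HTTP status of an authenticated GET (body is ignored)."""
    req = urllib.request.Request(KEYCLOAK_URL + path,
                                 headers={"Authorization": f"Bearer {token}"})
    try:
        with urllib.request.urlopen(req) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code


def classify(status):
    """Map the status a create-client-only account receives to a verdict."""
    if status == 200:
        return "vulnerable"      # schema readable by a low-privileged principal
    if status in (401, 403):
        return "ok"              # access correctly denied
    return "inconclusive"        # e.g. 404 or 5xx: endpoint or server problem


def check_profile_endpoint(token, get_status=http_get_status):
    """Return the verdict for the users/profile endpoint; transport is injectable."""
    return classify(get_status(PROFILE_PATH, token))


if __name__ == "__main__":
    tok = password_grant_token("lowpriv-user", "placeholder-password")  # placeholders
    print(check_profile_endpoint(tok))
```

Run it as the create-client test account against the patched instance; anything other than "ok" means the endpoint still needs attention.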

Added: Jan 21, 2026, 1:18 PM
Updated: Jan 21, 2026, 1:18 PM

Vulnerability Rating

Custom Algorithm

spread: 5.2
impact: 0.6
exploitability: 5.4
remediation: 0.0
relevance: 2.3
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.