{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-9162", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2025-08-19T13:11:49.675Z", "datePublished": "2025-08-21T15:40:25.136Z", "dateUpdated": "2025-08-21T19:59:20.918Z"}, "containers": {"cna": {"title": "Org.keycloak/keycloak-model-storage-service: variable injection into environment variables", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A flaw was found in org.keycloak/keycloak-model-storage-service. The KeycloakRealmImport custom resource substitutes placeholders within imported realm documents, potentially referencing environment variables. This substitution process\nallows for injection attacks when crafted realm documents are processed. An attacker can leverage this to inject malicious content during the realm import procedure. This can lead to unintended consequences within the Keycloak environment."}], "affected": [{"vendor": "Red Hat", "product": "Red Hat Build of Keycloak", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "org.keycloak/keycloak-model-storage-service", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:build_keycloak:"]}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-9162", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389396", "name": "RHBZ#2389396", "tags": ["issue-tracking", "x_refsource_REDHAT"]}], "datePublic": "2025-08-19T00:00:00.000Z", "problemTypes": [{"descriptions": [{"cweId": "CWE-526", "description": "Cleartext Storage of Sensitive Information in an Environment Variable", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-526: Cleartext Storage of Sensitive Information in an Environment Variable", "workarounds": [{"lang": "en", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}], "timeline": [{"lang": "en", "time": "2025-08-19T13:07:08.679000+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2025-08-19T00:00:00+00:00", "value": "Made public."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-08-21T15:40:25.136Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-21T19:59:07.000426Z", "id": "CVE-2025-9162", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-21T19:59:20.918Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-9162", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-21T19:59:07.000426Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-21T19:59:14.033Z"}}], "cna": {"title": "Org.keycloak/keycloak-model-storage-service: variable injection into environment variables", "metrics": [{"other": {"type": "Red Hat severity rating", "content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"cpes": ["cpe:/a:redhat:build_keycloak:"], "vendor": "Red Hat", "product": "Red Hat Build of Keycloak", "packageName": "org.keycloak/keycloak-model-storage-service", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}], "timeline": [{"lang": "en", "time": "2025-08-19T13:07:08.679000+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2025-08-19T00:00:00+00:00", "value": "Made public."}], "datePublic": "2025-08-19T00:00:00.000Z", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2025-9162", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389396", "name": "RHBZ#2389396", "tags": ["issue-tracking", "x_refsource_REDHAT"]}], "workarounds": [{"lang": "en", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}], "descriptions": [{"lang": "en", "value": "A flaw was found in org.keycloak/keycloak-model-storage-service. The KeycloakRealmImport custom resource substitutes placeholders within imported realm documents, potentially referencing environment variables. This substitution process\nallows for injection attacks when crafted realm documents are processed. An attacker can leverage this to inject malicious content during the realm import procedure. This can lead to unintended consequences within the Keycloak environment."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-526", "description": "Cleartext Storage of Sensitive Information in an Environment Variable"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-08-21T15:40:25.136Z"}, "x_redhatCweChain": "CWE-526: Cleartext Storage of Sensitive Information in an Environment Variable"}}, "cveMetadata": {"cveId": "CVE-2025-9162", "state": "PUBLISHED", "dateUpdated": "2025-08-21T19:59:20.918Z", "dateReserved": "2025-08-19T13:11:49.675Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2025-08-21T15:40:25.136Z", "assignerShortName": "redhat"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in org.keycloak/keycloak-model-storage-service. The KeycloakRealmImport custom resource substitutes placeholders within imported realm documents, potentially referencing environment variables. This substitution process\nallows for injection attacks when crafted realm documents are processed. An attacker can leverage this to inject malicious content during the realm import procedure. This can lead to unintended consequences within the Keycloak environment."}, {"lang": "es", "value": "Se encontr\u00f3 una falla en org.keycloak/keycloak-model-storage-service. El recurso personalizado KeycloakRealmImport sustituye marcadores de posici\u00f3n dentro de los documentos de dominio importados, lo que podr\u00eda hacer referencia a variables de entorno. Este proceso de sustituci\u00f3n permite ataques de inyecci\u00f3n al procesar documentos de dominio manipulados. Un atacante puede aprovechar esto para inyectar contenido malicioso durante el proceso de importaci\u00f3n del dominio. Esto puede tener consecuencias imprevistas en el entorno de Keycloak."}], "id": "CVE-2025-9162", "lastModified": "2025-08-22T18:09:17.710", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "secalert@redhat.com", "type": "Primary"}]}, "published": "2025-08-21T16:15:35.067", "references": [{"source": "secalert@redhat.com", "url": "https://access.redhat.com/security/cve/CVE-2025-9162"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389396"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-526"}], "source": "secalert@redhat.com", "type": "Primary"}]}

{"bugzilla": {"description": "org.keycloak/keycloak-model-storage-service: Variable injection into environment variables", "id": "2389396", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389396"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.9", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "status": "draft"}, "cwe": "CWE-526", "details": ["No description is available for this CVE."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-9162", "package_state": [{"cpe": "cpe:/a:redhat:build_keycloak:", "fix_state": "Affected", "package_name": "org.keycloak/keycloak-model-storage-service", "product_name": "Red Hat Build of Keycloak"}], "public_date": "2025-08-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-9162\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-9162"], "threat_severity": "Moderate"}