#VU118581 Configuration in Keycloak - CVE-2025-11538

Published: November 18, 2025 / Updated: December 1, 2025


Vulnerability identifier: #VU118581
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2025-11538
CWE-ID: CWE-16
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software: Keycloak
Software vendor: Keycloak

Description

The issue may allow a remote attacker to gain unauthorized access to the application.

The issue exists due to an insecure default configuration of the server when debug mode is enabled. By default the server binds the Java Debug Wire Protocol (JDWP) port to all network interfaces (0.0.0.0), exposing the debug interface to remote attackers.

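The following is an added illustration, not code from Keycloak or from this advisory: it parses the JDWP agent option string of a JVM command line and classifies whether the debug listener is bound to every interface (the weak default described above) or only to loopback (the hardened setting). The JVM argument lists, port numbers and the JDK-version rule for a bare port are constructed or assumed for the example; Keycloak's actual startup options are not reproduced here.

```python
import re

# JDWP is enabled with an agent argument such as
#   -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005
# The "address" value decides which interfaces the debug listener binds to.
JDWP_PREFIXES = ("-agentlib:jdwp=", "-Xrunjdwp:")

# Host values that mean "listen on every interface".
WILDCARD_HOSTS = {"*", "0.0.0.0", "::", "[::]"}


def parse_jdwp_options(jvm_args):
    """Return the JDWP key/value options from a JVM argument list, or None if absent."""
    for arg in jvm_args:
        for prefix in JDWP_PREFIXES:
            if arg.startswith(prefix):
                opts = {}
                for item in arg[len(prefix):].split(","):
                    if "=" in item:
                        key, value = item.split("=", 1)
                        opts[key.strip()] = value.strip()
                return opts
    return None


def bind_host(address, jdk_major):
    """Resolve the host part of a JDWP address.

    A bare port ("5005") is interpreted differently by JDK generation
    (assumption used by this example): JDK 8 listens on all interfaces,
    JDK 9 and later default to localhost.
    """
    if ":" in address:
        host, _, _ = address.rpartition(":")  # handles "[::]:5005" too
        return host
    return "*" if jdk_major < 9 else "localhost"


def classify_debug_exposure(jvm_args, jdk_major=17):
    """Classify a JVM command line as 'disabled', 'not-listening', 'local' or 'exposed'."""
    opts = parse_jdwp_options(jvm_args)
    if opts is None:
        return "disabled"
    # server=n means the JVM dials out to a debugger instead of listening.
    if opts.get("server", "n").lower() != "y":
        return "not-listening"
    host = bind_host(opts.get("address", ""), jdk_major)
    if host in WILDCARD_HOSTS or host == "":
        return "exposed"
    return "local"


# Constructed sample command lines for the two settings.
WEAK_ARGS = [
    "-Xms512m",
    "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005",
]
HARDENED_ARGS = [
    "-Xms512m",
    "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=127.0.0.1:5005",
]
PRODUCTION_ARGS = ["-Xms512m", "-XX:+UseG1GC"]

if __name__ == "__main__":
    for label, args in (("weak", WEAK_ARGS), ("hardened", HARDENED_ARGS), ("production", PRODUCTION_ARGS)):
        print(f"{label:10s} -> {classify_debug_exposure(args)}")
```

Running the classifier over the live command line of a Java process (for example the contents of `/proc/<pid>/cmdline` on Linux) gives a quick configuration check: anything reported as `exposed` is listening for unauthenticated debugger connections on every interface, and a production deployment should report `disabled`.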
Remediation

Install updates from vendor's website.

External links