Detections
Analytics

CVE-2025-11537

medium

Description

A flaw was found in Keycloak. When the logging format is configured to a verbose, user-supplied pattern (such as the pre-defined 'long' pattern), sensitive headers including Authorization and Cookie are disclosed to the logs in cleartext. An attacker with read access to the log files can extract these credentials (e.g., bearer tokens, session cookies) and use them to impersonate users, leading to a full account compromise.

References

https://bugzilla.redhat.com/show_bug.cgi?id=2402616

https://access.redhat.com/security/cve/CVE-2025-11537

Details

Source: Mitre, NVD

Published: 2026-02-10

Updated: 2026-02-10

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.00012