Lucene search
K

7 matches found

OSV
OSV
added 2025/03/18 6:14 p.m.6 views

GO-2025-3529 Openshift Hive Exposes VCenter Credentials via ClusterProvision in github.com/openshift/hive

Openshift Hive Exposes VCenter Credentials via ClusterProvision in github.com/openshift/hive...

8.2CVSS6.8AI score0.00452EPSS
Exploits0References4
Snyk
Snyk
added 2025/03/17 6:31 p.m.2 views

Insecure Storage of Sensitive Information

Overview Affected versions of this package are vulnerable to Insecure Storage of Sensitive Information where vCenter credentials are stored in plaintext within the ClusterProvision object after provisioning a vSphere cluster. Users with read access to ClusterProvision objects can extract these...

8.6CVSS6.6AI score0.00452EPSS
Exploits0References2
OSV
OSV
added 2025/03/17 6:31 p.m.6 views

GHSA-C339-MWFC-FMR2 Openshift Hive Exposes VCenter Credentials via ClusterProvision

A flaw was found in Hive, a component of Multicluster Engine MCE and Advanced Cluster Management ACM. This vulnerability causes VCenter credentials to be exposed in the ClusterProvision object after provisioning a VSphere cluster. Users with read access to ClusterProvision objects can extract...

8.2CVSS6.3AI score0.00452EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/03/17 6:31 p.m.10 views

Openshift Hive Exposes VCenter Credentials via ClusterProvision

A flaw was found in Hive, a component of Multicluster Engine MCE and Advanced Cluster Management ACM. This vulnerability causes VCenter credentials to be exposed in the ClusterProvision object after provisioning a VSphere cluster. Users with read access to ClusterProvision objects can extract...

8.2CVSS6.5AI score0.00452EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2025/03/17 5:15 p.m.9 views

CVE-2025-2241

A flaw was found in Hive, a component of Multicluster Engine MCE and Advanced Cluster Management ACM. This vulnerability causes VCenter credentials to be exposed in the ClusterProvision object after provisioning a VSphere cluster. Users with read access to ClusterProvision objects can extract...

8.2CVSS0.00452EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/17 4:27 p.m.13 views

CVE-2025-2241 Hive: exposure of vcenter credentials via clusterprovision in hive / mce / acm

A flaw was found in Hive, a component of Multicluster Engine MCE and Advanced Cluster Management ACM. This vulnerability causes VCenter credentials to be exposed in the ClusterProvision object after provisioning a VSphere cluster. Users with read access to ClusterProvision objects can extract...

8.2CVSS0.00452EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/03/17 4:25 p.m.8 views

CVE-2025-2241

A flaw was found in Hive, a component of Multicluster Engine MCE and Advanced Cluster Management ACM. This vulnerability causes VCenter credentials to be exposed in the ClusterProvision object after provisioning a VSphere cluster. Users with read access to ClusterProvision objects can extract...

8.2CVSS6.5AI score0.00452EPSS
Exploits0References3
Rows per page
Query Builder