CVE-2026-7163

A vulnerability in the assisted-service REST API, an optional Assisted Installer assisted-service component in the Multicluster Engine MCE, allows an authenticated user with minimal namespace-scoped privileges to obtain administrative credentials for arbitrary clusters provisioned through the hub...

CVE-2026-7163

A vulnerability in the assisted-service REST API, an optional Assisted Installer assisted-service component in the Multicluster Engine MCE, allows an authenticated user with minimal namespace-scoped privileges to obtain administrative credentials for arbitrary clusters provisioned through the hub...

CVE-2026-7163 Assisted-service: assisted-service: authenticated users can gain administrative access to openshift clusters via credential disclosure

A vulnerability in the assisted-service REST API, an optional Assisted Installer assisted-service component in the Multicluster Engine MCE, allows an authenticated user with minimal namespace-scoped privileges to obtain administrative credentials for arbitrary clusters provisioned through the hub...

CVE-2026-7163

CVE-2026-7163 affects the Assisted-service REST API in the Multicluster Engine (MCE) used with Red Hat ACM/MCE on-prem deployments. An authenticated user with minimal namespace privileges can obtain administrative credentials (the kubeadmin password) and kubeconfig for any cluster provisioned thr...

CVE-2019-19335

During installation of an OpenShift 4 cluster, the openshift-install command line tool creates an auth directory, with kubeconfig and kubeadmin-password files. Both files contain credentials used to authenticate to the OpenShift API server, and are incorrectly assigned word-readable permissions...

CVE-2019-19335

During installation of an OpenShift 4 cluster, the openshift-install command line tool creates an auth directory, with kubeconfig and kubeadmin-password files. Both files contain credentials used to authenticate to the OpenShift API server, and are incorrectly assigned word-readable permissions...

PT-2020-10138 · Red Hat · Openshift

Name of the Vulnerable Software and Affected Versions: OpenShift versions 4.2 Description: The issue arises during the installation of an OpenShift 4 cluster, where the openshift-install command line tool creates an auth directory. This directory contains kubeconfig and kubeadmin-password files,...

Low: Red Hat Security Advisory: OpenShift Container Platform 4.2.18 ose-baremetal-installer-container and ose-cli-artifacts-container security update

An update for ose-baremetal-installer-container and ose-cli-artifacts-container is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a...

Low: Red Hat Security Advisory: OpenShift Container Platform 4.2.18 ose-installer-container security update

An update for ose-installer-container is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...