Skip to main content

ACM assisted-service CVE-2026-10101

| EUVDEUVD-2026-33342 MEDIUM
Insertion of Sensitive Information Into Sent Data (CWE-201)
2026-05-29 secalert@redhat.com GHSA-jxxw-7x7w-4x47
6.3
CVSS 3.1 · Vendor: redhat
Share

Severity by source

Vendor (redhat) PRIMARY
6.3 MEDIUM
AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N
Red Hat
6.3 MEDIUM
qualitative

Primary rating from Vendor (redhat).

CVSS VectorVendor: redhat

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
Low
Availability
None

Lifecycle Timeline

1
Analysis Generated
May 29, 2026 - 16:54 vuln.today

DescriptionCVE.org

ACM/MCE assisted-service writes raw referenced pull-secret contents into InfraEnv.status.conditions[].message when pull-secret validation fails. A namespace principal with the stock view ClusterRole cannot directly read Secrets, but can read InfraEnv objects and recover the referenced Secret's .dockerconfigjson data from status.

This bypasses the Kubernetes/OpenShift RBAC separation between read-only namespace viewers and Secret readers. In the reproduced proof, the same ServiceAccount was denied get and list on Secrets, but recovered synthetic pull-secret username, password, email, and base64 auth fields through InfraEnv.status.

AnalysisAI

Pull-secret credential exposure in Red Hat Advanced Cluster Management (ACM) and Multicluster Engine (MCE) assisted-service leaks the full contents of a referenced pull-secret - including username, password, email, and base64-encoded auth token - into the publicly-readable InfraEnv.status.conditions[].message field when pull-secret validation fails. A low-privileged namespace principal holding the stock Kubernetes view ClusterRole, which is explicitly denied direct get/list on Secret objects, can recover the entire .dockerconfigjson credential payload by reading InfraEnv status. This constitutes a confirmed RBAC bypass (CWE-201) demonstrated via a reproduced proof-of-concept; no active exploitation via CISA KEV has been recorded at time of analysis.

Technical ContextAI

The assisted-service component of Red Hat ACM/MCE manages bare-metal and assisted-installation cluster provisioning on OpenShift. It consumes InfraEnv custom resources that reference Kubernetes Secrets containing Docker/OCI registry pull credentials (.dockerconfigjson). When pull-secret validation fails, assisted-service erroneously serializes the raw Secret contents - including base64-encoded auth fields - into the conditions[].message string within InfraEnv.status. Kubernetes RBAC is designed so that the view ClusterRole grants read access to most namespaced resources but explicitly excludes Secrets; this architecture assumes status subresources of non-Secret CRDs are safe for low-privilege consumers. CWE-201 (Insertion of Sensitive Information Into Sent Data) precisely describes the root cause: the application embeds secret material in an observable, lower-sensitivity data channel, circumventing the access-control boundary. The vulnerability is reachable over the network (AV:N) and requires only low privileges (PR:L), consistent with a namespace-level service account or user.

Affected ProductsAI

Red Hat Advanced Cluster Management (ACM) and Multicluster Engine (MCE) assisted-service components are affected, specifically the assisted-service workload responsible for InfraEnv provisioning on OpenShift clusters. No specific version range or CPE string was provided in the available intelligence data - affected versions should be confirmed via the Red Hat security advisory at https://access.redhat.com/security/cve/CVE-2026-10101 and the associated Bugzilla tracking issue at https://bugzilla.redhat.com/show_bug.cgi?id=2483298. The vulnerability is applicable to any OpenShift deployment running ACM or MCE with the assisted-service operator and InfraEnv resources in use.

RemediationAI

No specific patched version number was confirmed in the available data; administrators should consult the Red Hat security advisory at https://access.redhat.com/security/cve/CVE-2026-10101 and Bugzilla issue https://bugzilla.redhat.com/show_bug.cgi?id=2483298 for patch availability and exact fix versions as Red Hat releases them. As a compensating control, audit all namespace-level principals - including ServiceAccounts - that hold the view ClusterRole or equivalent in namespaces containing InfraEnv resources, and remove or restrict that binding where read access to InfraEnv status is not operationally required; the trade-off is reduced observability for those principals. Additionally, rotate any pull-secrets that may have been exposed via InfraEnv status conditions, particularly for private registries used in cluster provisioning workflows. Where possible, restrict RBAC permissions on InfraEnv status subresources using a custom ClusterRole that explicitly denies or omits status access, pending an upstream fix that removes raw credential content from condition messages.

CVE-2025-1974 CRITICAL POC
9.8 Mar 25

A critical vulnerability in Kubernetes ingress-nginx controller allows unauthenticated attackers with pod network access

CVE-2026-45321 CRITICAL POC
9.6 May 12

Credential-harvesting malware compromised 84 versions of 42 TanStack npm packages on 2026-05-11 via chained GitHub Actio

CVE-2025-1098 HIGH POC
8.8 Mar 25

Kubernetes ingress-nginx contains a configuration injection vulnerability via the mirror-target and mirror-host Ingress

CVE-2025-24514 HIGH POC
8.8 Mar 25

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-url` Ingres

CVE-2025-1097 HIGH POC
8.8 Mar 25

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-tls-match-c

CVE-2020-8554 MEDIUM POC
6.3 Jan 21

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.exter

CVE-2025-55190 CRITICAL POC
9.9 Sep 04

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Rated critical severity (CVSS 9.9), this vulne

CVE-2018-18843 CRITICAL POC
10.0 Dec 04

The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9, and 11.4.x before 11.4

CVE-2026-22039 CRITICAL POC
9.9 Jan 27

Kyverno Kubernetes policy engine prior to 1.x has a privilege escalation vulnerability (CVSS 9.9) allowing policy bypass

CVE-2024-42480 CRITICAL POC
9.9 Aug 12

Kamaji is the Hosted Control Plane Manager for Kubernetes. Rated critical severity (CVSS 9.9), this vulnerability is rem

CVE-2023-28110 CRITICAL POC
9.9 Mar 16

Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, ref

CVE-2026-25996 CRITICAL POC
9.8 Feb 12

String filter bypass in Inspektor Gadget Kubernetes eBPF tooling before fix. Insufficient string escaping enables filter

Vendor StatusVendor

Share

CVE-2026-10101 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy