Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
3DescriptionCVE.org
A flaw was found in Red Hat Advanced Cluster Management through versions 2.10, before 2.10.7, 2.11, before 2.11.4, and 2.12, before 2.12.4. This vulnerability allows an unprivileged user to view confidential managed cluster credentials through the UI. This information should only be accessible to authorized users and may result in the loss of confidentiality of administrative information, which could be leaked to unauthorized actors.
AnalysisAI
A security vulnerability in Red Hat Advanced Cluster Management (CVSS 5.5) that allows an unprivileged user. Remediation should follow standard vulnerability management procedures.
Technical ContextAI
Vulnerability type not specified by vendor. Affects Red Hat Advanced Cluster Management.
RemediationAI
Monitor vendor channels for patch availability.
The grc-policy-propagator allows security escalation within the cluster. Rated high severity (CVSS 7.8), this vulnerabil
The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server
A vulnerability was found in the search-api container in Red Hat Advanced Cluster Management for Kubernetes when a query
An issue was discovered in ManagedClusterView API, that could allow secrets to be disclosed to users without the correct
A flaw was found in rhacm versions before 2.0.5 and before 2.1.0. Rated low severity (CVSS 3.5), this vulnerability is l
Same technique Information Disclosure
View allVendor StatusVendor
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-19692