cvedb.io
CVE-2021-3684
MEDIUM · CVSS 5.5
EPSS exploitation probability: 0%
Published 2023-03-24T20:15:08.160 · Last modified 2026-06-17T04:05:33.883

Summary

A vulnerability was found in OpenShift Assisted Installer. During generation of the Discovery ISO, image pull secrets were leaked as plaintext in the installation logs. An authenticated user could exploit this by re-using the image pull secret to pull container images from the registry as the associated user.

Affected products

redhat — openshift_assisted_installer

Does this affect you?

Add your gear to cvedb and we'll alert you only when redhat ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.