Description
A vulnerability in the assisted-service REST API, an optional Assisted Installer (assisted-service) component in the Multicluster Engine (MCE), allows an authenticated user with minimal namespace-scoped privileges to obtain administrative credentials for arbitrary clusters provisioned through the hub.

The credentials download endpoint (GET /v2/clusters/{cluster_id}/credentials, which returns the kubeadmin password) and the kubeconfig download endpoint are operational in AUTH_TYPE=local mode, the only authentication mode available in on-premises ACM/MCE hub deployments. The local authenticator unconditionally grants full administrative access to any request bearing a valid JWT, with no per-endpoint restrictions. A valid local JWT is embedded as a plaintext query parameter in InfraEnvStatus.ISODownloadURL and is readable by any user who has get rights on an InfraEnv object in their own namespace.

The affected components ship as part of Multicluster Engine (MCE). The Red Hat Advanced Cluster Management (ACM) deployments that include MCE are equally affected.
This issue does not affect the hosted SaaS offering (console.redhat.com), which uses a different authentication mode.

Successful exploitation gives the attacker the kubeadmin password and kubeconfig for any OpenShift cluster provisioned through the affected hub, granting unrestricted root-level administrative access to those spoke clusters.
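An added audit check for hub administrators, not code from assisted-service or Red Hat: it scans InfraEnv objects for JWT-shaped values in the query string of the ISO download URL, so the namespaces that currently expose a hub token through InfraEnv get rights can be listed without printing the token. The input is a constructed sample in the shape `oc get infraenv -A -o json` would return; the `isoDownloadURL` status field name, the `token` parameter name and the sample claims are assumptions, and because the real parameter name is not given on the page every query value is tested.

```python
import base64
import json
import re
from urllib.parse import parse_qsl, urlsplit
# JWT shape: three base64url segments, signature may be empty.
JWT_RE = re.compile(r"^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]*$")

def _b64url_json(segment):
    # Decode one base64url segment to JSON; no signature verification is done.
    return json.loads(base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4)))

def looks_like_jwt(value):
    # Shape check plus a parseable header carrying an 'alg' claim.
    if not JWT_RE.match(value):
        return False
    try:
        header = _b64url_json(value.split(".")[0])
    except ValueError:
        return False
    return isinstance(header, dict) and "alg" in header

def find_embedded_tokens(infraenv_list):
    # Parameter name is unknown, so every query value is tested; the token is redacted.
    findings = []
    for item in infraenv_list.get("items", []):
        meta = item.get("metadata", {})
        url = item.get("status", {}).get("isoDownloadURL", "")  # assumed field name
        for key, value in parse_qsl(urlsplit(url).query):
            if looks_like_jwt(value):
                payload = _b64url_json(value.split(".")[1])
                findings.append({
                    "namespace": meta.get("namespace"), "name": meta.get("name"),
                    "param": key, "token_preview": value[:10] + "...[redacted]",
                    "exp": payload.get("exp") if isinstance(payload, dict) else None,
                })
    return findings

def _fake_jwt(payload):
    # Constructed, unsigned sample token; the signature segment is a placeholder.
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'HS256', 'typ': 'JWT'})}.{enc(payload)}.placeholdersig"

# Constructed sample standing in for `oc get infraenv -A -o json` output.
SAMPLE = {"items": [
    {"metadata": {"namespace": "team-a", "name": "lab-infraenv"},
     "status": {"isoDownloadURL": "https://assisted.example/images/abc.iso?token="
                + _fake_jwt({"sub": "hub-local", "exp": 1777000000})}},
    {"metadata": {"namespace": "team-b", "name": "plain-infraenv"},
     "status": {"isoDownloadURL": "https://assisted.example/images/def.iso?version=4.14"}},
]}
```

Running `find_embedded_tokens(SAMPLE)` reports only `team-a/lab-infraenv`, with the token's expiry claim and a redacted preview; an empty result after remediation is the check that no InfraEnv status still carries a hub token.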
Published: 2026-04-30
Score: 6.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The assisted-service REST API in Red Hat Multicluster Engine exposes a credentials download endpoint (GET /v2/clusters/{cluster_id}/credentials) that returns the kubeadmin password and a kubeconfig file. In local authentication mode, any request that presents a valid locally issued JWT is granted full administrative rights across every endpoint, with no per-endpoint restrictions. The JWT is embedded as a plain-text query parameter in InfraEnvStatus.ISODownloadURL, which is readable by any user who has get rights on an InfraEnv object in their own namespace. Exploiting this flaw allows an authenticated user to retrieve the kubeadmin password and kubeconfig for any OpenShift cluster provisioned through the hub, effectively giving them unrestricted root-level control of those spoke clusters.

Affected Systems

Affected systems include Red Hat Multicluster Engine for Kubernetes versions 2.1, 2.11, and 2.7, as well as any Advanced Cluster Management installations that incorporate MCE. The hosted SaaS offering (console.redhat.com) is not impacted because it uses a different authentication mode.

Risk and Exploitability

The CVSS base score of 6.1 indicates moderate severity; the EPSS score of < 1% (≈0.00014) indicates a very low likelihood of exploitation, and the vulnerability is not listed in the CISA KEV catalog. Because the flaw requires only minimal namespace‑scoped privileges to obtain a valid JWT, the likely attack vector is an insider or a compromised account with service‑principal or user permissions. In environments that rely on local authentication for on‑premises hubs, this can be executed without elevating privileges, thus representing a significant risk for organizations that deploy MCE in that mode.

Generated by OpenCVE AI on May 2, 2026 at 10:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest vendor‑supplied update for Multicluster Engine that addresses CVE‑2026‑7163.
  • Restrict or disable the credentials download endpoints so that only administrators can access /v2/clusters/{cluster_id}/credentials and the kubeconfig endpoint.
  • Revoke or limit get permissions on InfraEnv objects to prevent exposure of the JWT embedded in the download URL.

Advisories

No advisories yet.

History

Tue, 19 May 2026 08:45:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:multicluster_engine:2.9::el8
cpe:/a:redhat:multicluster_engine:2.9::el9
References

Tue, 05 May 2026 03:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:redhat:multicluster_engine_for_kubernetes:2.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:multicluster_engine_for_kubernetes:2.7:*:*:*:*:*:*:*

Mon, 04 May 2026 21:30:00 +0000

Type Values Removed Values Added
References

Mon, 04 May 2026 06:30:00 +0000

Type Values Removed Values Added
References

Fri, 01 May 2026 00:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

threat_severity

Important


Thu, 30 Apr 2026 21:45:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:multicluster_engine cpe:/a:redhat:multicluster_engine:2.7::el8
cpe:/a:redhat:multicluster_engine:2.7::el9
References

Thu, 30 Apr 2026 18:15:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:multicluster_engine:2.10::el9
References

Thu, 30 Apr 2026 16:15:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:multicluster_engine:2.11::el9
References

Thu, 30 Apr 2026 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat multicluster Engine For Kubernetes
Vendors & Products Redhat multicluster Engine For Kubernetes

Thu, 30 Apr 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 30 Apr 2026 13:30:00 +0000

Type Values Removed Values Added
Description A vulnerability in the assisted-service REST API, an optional Assisted Installer (assisted-service) component in the Multicluster Engine (MCE), allows an authenticated user with minimal namespace-scoped privileges to obtain administrative credentials for arbitrary clusters provisioned through the hub. The credentials download endpoint (GET /v2/clusters/{cluster_id}/credentials, which returns the kubeadmin password) and the kubeconfig download endpoint are operational in AUTH_TYPE=local mode, the only authentication mode available in on-premises ACM/MCE hub deployments. The local authenticator unconditionally grants full administrative access to any request bearing a valid JWT, with no per-endpoint restrictions. A valid local JWT is embedded as a plaintext query parameter in InfraEnvStatus.ISODownloadURL and is readable by any user who has get rights on an InfraEnv object in their own namespace. The affected components ship as part of Multicluster Engine (MCE). The Red Hat Advanced Cluster Management (ACM) deployments that include MCE are equally affected. This issue does not affect the hosted SaaS offering (console.redhat.com), which uses a different authentication mode. Successful exploitation gives the attacker the kubeadmin password and kubeconfig for any OpenShift cluster provisioned through the affected hub, granting unrestricted root-level administrative access to those spoke clusters.
Title Assisted-service: assisted-service: authenticated users can gain administrative access to openshift clusters via credential disclosure
First Time appeared Redhat
Redhat multicluster Engine
Weaknesses CWE-312
CPEs cpe:/a:redhat:multicluster_engine
Vendors & Products Redhat
Redhat multicluster Engine
References
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N'}


MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-05-19T08:09:21.769Z

Reserved: 2026-04-27T04:21:23.911Z

Link: CVE-2026-7163

Vulnrichment

Updated: 2026-04-30T13:35:11.247Z

NVD

Status : Modified

Published: 2026-04-30T14:16:36.093

Modified: 2026-05-19T09:16:20.183

Link: CVE-2026-7163

Redhat

Severity : Important

Public Date: 2026-04-30T12:00:00Z

Links: CVE-2026-7163 - Bugzilla

OpenCVE Enrichment

Updated: 2026-05-02T11:00:06Z

Weaknesses