Unrated severity · NVD Advisory · Published Jul 2, 2025 · Updated Nov 20, 2025
RHACM: users with clusterreader role can see credentials from managed-clusters
CVE-2025-6017
Description
A flaw was found in Red Hat Advanced Cluster Management through versions 2.10, before 2.10.7, 2.11, before 2.11.4, and 2.12, before 2.12.4. This vulnerability allows an unprivileged user to view confidential managed cluster credentials through the UI. This information should only be accessible to authorized users; its exposure may result in the loss of confidentiality of administrative information, which could be leaked to unauthorized actors.
Affected products
- Range: <2.12.4
References
- access.redhat.com/security/cve/CVE-2025-6017 (mitre, vdb-entry, x_refsource_REDHAT)
- bugzilla.redhat.com/show_bug.cgi (mitre, issue-tracking, x_refsource_REDHAT)