CVE-2026-10101

Vulnerability

In ACM/MCE assisted-service, when pull-secret validation fails, the raw contents of the referenced pull-secret are written into InfraEnv.status.conditions[].message. This occurs because the service copies the .dockerconfigjson data directly into the status field without sanitization. The vulnerability affects versions of ACM/MCE assisted-service prior to a fix (specific versions not disclosed in the available references) [1][2].

Exploitation

An attacker with a namespace principal that has the stock view ClusterRole (or equivalent read-only access) cannot directly read Secrets via the Kubernetes API. However, they can read InfraEnv objects. By creating or modifying an InfraEnv resource that references a pull-secret and triggering a validation failure (e.g., by providing an invalid pull-secret reference), the attacker can then read InfraEnv.status.conditions[].message to recover the secret's .dockerconfigjson data, including username, password, email, and base64 auth fields [1][2].

Impact

Successful exploitation allows an attacker to bypass the RBAC separation between read-only namespace viewers and Secret readers. The attacker gains unauthorized access to pull-secret credentials, which may be used to authenticate to container registries or other services. This can lead to privilege escalation or lateral movement within the cluster if the pull-secret has broader access [1][2].

Mitigation

No fix has been disclosed in the available references. Users should restrict access to InfraEnv objects to trusted principals only, and avoid referencing pull-secrets that contain sensitive credentials in environments where untrusted users have view access. Monitor Red Hat advisories for a patched version [1][2].