Vulnerability Details CVE-2021-3684
A vulnerability was found in OpenShift Assisted Installer. During generation of the Discovery ISO, image pull secrets were leaked as plaintext in the installation logs. An authenticated user could exploit this by re-using the image pull secret to pull container images from the registry as the associated user.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.7%
CVSS Severity
CVSS v3 Score 5.5
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1985962
- https://github.com/openshift/assisted-installer/commit/2403dad3795406f2c5d923af0894e07bc8b0bdc4
- https://github.com/openshift/assisted-installer/commit/f3800cfa3d64ce6dcd6f7b73f0578bb99bfdaf7a
- https://bugzilla.redhat.com/show_bug.cgi?id=1985962
- https://github.com/openshift/assisted-installer/commit/2403dad3795406f2c5d923af0894e07bc8b0bdc4
- https://github.com/openshift/assisted-installer/commit/f3800cfa3d64ce6dcd6f7b73f0578bb99bfdaf7a
Products affected by CVE-2021-3684
-
cpe:2.3:a:redhat:openshift_assisted_installer:-
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.10.1
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.10.2
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.10.3
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.11.1
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.11.2
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.11.3
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.12.1
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.13.1
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.14.1
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.14.2
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.14.3
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.15.1
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.15.2
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.15.3
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.16.1
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.16.2
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.16.3
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.17.1
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.17.2
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.17.3
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.18.1
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.18.2
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.18.3
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.19.1
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.19.2
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.19.3
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.20.1
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.20.2
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.20.3
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.20.4
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.21.1
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.21.2
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.21.3
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.22.1
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.22.2
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.22.3
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.22.4
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.23.1
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.23.2
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.24.1
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.24.2
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.24.3
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.25.1
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.25.2
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.9
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.9.1
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.9.2
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.9.3
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.9.4
-
cpe:2.3:a:redhat:openshift_assisted_installer:1.0.9.5
-
cpe:2.3:a:redhat:openshift_container_platform:4.6
-
cpe:2.3:o:redhat:enterprise_linux:8.0