CVE-2026-10843

Published: Giu 04, 2026 Last Modified: Giu 04, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 7,2

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: high

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: high

Description

AI Translation Available

A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS. Operator credentials are provisioned with account-wide scope for destructive actions rather than being restricted to cluster-owned resources, enabling cross-scope impact after credential compromise.

250

Execution with Unnecessary Privileges

Draft

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Integrity Availability Access Control

Potential Impacts:

Gain Privileges Or Assume Identity Execute Unauthorized Code Or Commands Read Application Data Dos: Crash, Exit, Or Restart

Applicable Platforms

Technologies: AI/ML, Mobile

Likelihood of Exploit: Medium

View CWE Details

https://access.redhat.com/security/cve/CVE-2026-10843

https://bugzilla.redhat.com/show_bug.cgi?id=2484738

CVE-2026-10843

Description

Execution with Unnecessary Privileges

Common Consequences

Applicable Platforms

Iscriviti alla newsletter