CVE-2026-10843

HIGH NVD

CVSS Score 7.2

Severity HIGH

Published Jun 04, 2026

Vendor unknown

Description

A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS. Operator credentials are provisioned with account-wide scope for destructive actions rather than being restricted to cluster-owned resources, enabling cross-scope impact after credential compromise.

References

https://access.redhat.com/security/cve/CVE-2026-10843
https://bugzilla.redhat.com/show_bug.cgi?id=2484738