GHSA-6w74-qhw6-wmwcHighCVSS 7.2

A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS....

Published
June 4, 2026
Last Modified
June 4, 2026

🔗 CVE IDs covered (1)

📋 Description

A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS. Operator credentials are provisioned with account-wide scope for destructive actions rather than being restricted to cluster-owned resources, enabling cross-scope impact after credential compromise.

🔗 References (4)