5.3
CVE-2025-14243
- EPSS 0.08%
- Veröffentlicht 08.04.2026 16:41:55
- Zuletzt bearbeitet 21.04.2026 18:06:15
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Mirror-registry: openshift mirror registry: user enumeration via authentication error messages
A flaw was found in the OpenShift Mirror Registry. This vulnerability allows an unauthenticated, remote attacker to enumerate valid usernames and email addresses via different error messages during authentication failures and account creation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Mirror Registry For Red Hat Openshift Version-
Redhat ≫ Mirror Registry For Red Hat Openshift Version2.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.229 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secalert@redhat.com | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
CWE-209 Generation of Error Message Containing Sensitive Information
The product generates an error message that includes sensitive information about its environment, users, or associated data.