Red Hat OpenShift Mirror Registry User Enumeration Vulnerability

Vulnerability

A vulnerability in the OpenShift Mirror Registry allows unauthenticated, remote attackers to enumerate valid usernames and email addresses. This is achieved by exploiting different error messages that are revealed during authentication failures and account creation processes.

Impact

Exploitation of this vulnerability could lead to unauthorized users gaining access to valid usernames and email addresses, potentially allowing for further targeted attacks.

Added: Apr 8, 2026, 5:40 PM

Updated: Apr 8, 2026, 5:40 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

5.5

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

5.5

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Red Hat OpenShift Mirror Registry User Enumeration Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating