CVE-2026-54100
Received - Intake
SSH Host Key Verification Bypass in Red Hat OpenShift WMCO

Publication date: 2026-06-22

Last updated on: 2026-06-22

Assigner: Red Hat, Inc.

Description
A flaw was found in the Windows Machine Config Operator (WMCO) for Red Hat OpenShift Container Platform. WMCO establishes SSH connections to Windows worker nodes without verifying the remote server host key. An adjacent-network attacker who can intercept or redirect WMCO's SSH session can capture WICD and kubelet bootstrap credentials transferred during node configuration, enabling compromise of Windows node identities in the cluster.
Affected Vendors & Products
Vendor | Product | Version / Range
red_hat | windows_machine_config_operator | *
CWE ID | Description
CWE-295 | The product does not validate, or incorrectly validates, a certificate.
Executive Summary

CVE-2026-54100 affects the Windows Machine Config Operator (WMCO) used in Red Hat OpenShift Container Platform. WMCO establishes SSH connections to Windows worker nodes but does not verify the remote server's host key, so an attacker on the adjacent network can intercept or redirect these SSH sessions.

By exploiting this flaw, the attacker can capture sensitive credentials, specifically WICD and kubelet bootstrap credentials, which are transferred during the node configuration process. This enables the attacker to compromise the identities of Windows nodes within the cluster.

Impact Analysis

This vulnerability allows an attacker on the same network to intercept SSH sessions between WMCO and Windows worker nodes and steal critical credentials used for node configuration.

With these stolen credentials, the attacker can impersonate Windows nodes in the cluster, potentially gaining unauthorized access and control over those nodes. This can lead to compromise of the cluster's integrity, confidentiality, and availability.

Mitigation Strategies

The vulnerability arises because WMCO establishes SSH connections to Windows worker nodes without verifying the remote server host key, allowing interception and credential theft.

To mitigate this vulnerability immediately, ensure that SSH connections from WMCO verify the remote server's host key to prevent man-in-the-middle attacks.
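
The host key check this mitigation calls for, as an added Go example (not WMCO's code or Red Hat's fix): the key a server presents is compared against a fingerprint recorded out of band, and the connection is refused on a mismatch or an unknown host. `PinnedHosts`, `Check`, the addresses and the key bytes are hypothetical; how WMCO would obtain the expected key is not described on this page.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"encoding/base64"
	"errors"
	"fmt"
)

// Both outcomes are failures: the SSH session must not proceed on either.
var (
	ErrUnknownHost = errors.New("no pinned host key for address")
	ErrKeyMismatch = errors.New("presented host key does not match pin")
)

// Fingerprint returns the OpenSSH-style SHA256 fingerprint of a host public
// key in SSH wire format: "SHA256:" + unpadded base64 of the digest.
func Fingerprint(keyBlob []byte) string {
	sum := sha256.Sum256(keyBlob)
	return "SHA256:" + base64.RawStdEncoding.EncodeToString(sum[:])
}

// PinnedHosts maps "host:port" to the fingerprint recorded out of band
// (hypothetical type for this example).
type PinnedHosts map[string]string

// Check fails closed: a host with no pin is rejected rather than trusted on
// first use, and a key that differs from the pin is rejected before any
// credential is sent over the session.
func (p PinnedHosts) Check(addr string, keyBlob []byte) error {
	want, ok := p[addr]
	if !ok {
		return fmt.Errorf("%w: %s", ErrUnknownHost, addr)
	}
	got := Fingerprint(keyBlob)
	if subtle.ConstantTimeCompare([]byte(got), []byte(want)) != 1 {
		return fmt.Errorf("%w: %s presented %s", ErrKeyMismatch, addr, got)
	}
	return nil
}

func main() {
	// Constructed sample data: stand-in key blobs and documentation addresses.
	nodeKey, otherKey := []byte("constructed-node-key"), []byte("constructed-other-key")
	pins := PinnedHosts{"192.0.2.10:22": Fingerprint(nodeKey)}
	fmt.Println(pins.Check("192.0.2.10:22", nodeKey))  // pinned key accepted
	fmt.Println(pins.Check("192.0.2.10:22", otherKey)) // different key rejected
	fmt.Println(pins.Check("192.0.2.99:22", nodeKey))  // unpinned host rejected
}
```

In a client built on golang.org/x/crypto/ssh, a check like this would run inside the `HostKeyCallback` on `key.Marshal()`; that WMCO uses that library is an assumption.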

Since the issue is under review by Red Hat Product Security, monitor official Red Hat advisories for patches or updates that address this flaw and apply them as soon as they become available.

Compliance Impact

The vulnerability allows an adjacent-network attacker to intercept or redirect SSH sessions and capture sensitive credentials used during node configuration. This exposure of sensitive information could lead to unauthorized access and compromise of Windows node identities within the cluster.

Such unauthorized access and potential data compromise may impact compliance with standards and regulations like GDPR and HIPAA, which require protection of sensitive data and secure authentication mechanisms to prevent unauthorized disclosure and access.
