CVE-2025-2241 — Vulnetix

CVE-2025-2241 PUBLISHED CVSS 8.199999809265137 HIGH

Openshift Hive Exposes VCenter Credentials via ClusterProvision

EPSS 0.04% · 12.9th percentile

Risk Scores

CVSS v3.1

8.199999809265137

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N

EPSS Score

0.04%

12.9th percentile

Affected Products

Vendor	Product	Versions
github.com	openshift/hive	0
Red Hat	Red Hat Advanced Cluster Management for Kubernetes 2
		1.2.4105-7735bf3
Red Hat	Multicluster Engine for Kubernetes

Timeline

Mar 17, 2025 CVE Published
Mar 17, 2025 PoC Published
Mar 17, 2025 PoC Published
Mar 18, 2025 EPSS Score
Mar 18, 2025 Coalition ESS Score
Mar 31, 2025 EPSS Score
Apr 14, 2025 EPSS Score
Apr 27, 2025 EPSS Score
May 10, 2025 EPSS Score
May 12, 2025 Coalition ESS Score
May 24, 2025 EPSS Score
Jun 6, 2025 EPSS Score

References

https://access.redhat.com/security/cve/CVE-2025-2241 vdb
RHBZ#2351350 issue
https://github.com/openshift/hive/pull/2612 url
https://nvd.nist.gov/vuln/detail/CVE-2025-2241 advisory
https://github.com/openshift/hive package

Open in Interactive Console →

$ Console Community · 100/wk Open console ›