CVE-2026-54099

A flaw was found in the Windows Machine Config Operator (WMCO) for Red Hat OpenShift Container Platform. The WICD CSR auto-approver validates that a Certificate Signing Request contains the organization system:wicd-nodes but does not reject additional organization values such as system:masters. A compromised Windows worker node that holds WICD credentials can submit a CSR that is auto-approved and signed by the cluster, yielding a client certificate that grants cluster-administrator privileges and enabling full cluster takeover.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:redhat:openshift_container_platform:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:windows_machine_config_operator:-:*:*:*:*:*:*:*

History

08 Jul 2026, 15:10

Type Values Removed Values Added
References () https://access.redhat.com/security/cve/CVE-2026-54099 - () https://access.redhat.com/security/cve/CVE-2026-54099 - Vendor Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=2487950 - () https://bugzilla.redhat.com/show_bug.cgi?id=2487950 - Issue Tracking, Vendor Advisory
References () https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-54099.json - () https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-54099.json - Vendor Advisory
First Time Redhat windows Machine Config Operator
Redhat
Redhat openshift Container Platform
CPE cpe:2.3:a:redhat:openshift_container_platform:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:windows_machine_config_operator:-:*:*:*:*:*:*:*

30 Jun 2026, 03:20

Type Values Removed Values Added
References
  • () https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-54099.json -
References () https://access.redhat.com/security/cve/CVE-2026-54099 - () https://access.redhat.com/security/cve/CVE-2026-54099 -
References () https://bugzilla.redhat.com/show_bug.cgi?id=2487950 - () https://bugzilla.redhat.com/show_bug.cgi?id=2487950 -

22 Jun 2026, 14:17

Type Values Removed Values Added
New CVE

Information

Published : 2026-06-22 14:17

Updated : 2026-07-08 15:10


NVD link : CVE-2026-54099

Mitre link : CVE-2026-54099

CVE.ORG link : CVE-2026-54099


JSON object : View

Products Affected

redhat

  • windows_machine_config_operator
  • openshift_container_platform
CWE
CWE-269

Improper Privilege Management