Vulnerability Details CVE-2026-46389
UDS Identity Config builds the Keycloak configuration image (realm, plugins, theme, truststore, JARs) consumed by UDS Core's Identity deployment. In versions 0.11.0 through 0.26.0, a logic error in the `client-kubernetes-secret` Keycloak client authenticator (shipped by `uds-identity-config` and consumed by UDS Core) causes the submitted `client_secret` to be overwritten with the mounted Kubernetes secret before comparison. An attacker who can reach the Keycloak token endpoint and knows a `client_id` using this authenticator can authenticate as that client with any `client_secret` value and obtain OAuth2 tokens scoped to the client's service account. In the case of the `uds-operator` client this token can be used to registry/modify other clients. Version 0.26.1 patches the issue.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 25.0%
CVSS Severity
CVSS v3 Score 10.0
References
Products affected by CVE-2026-46389
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.11.0
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.11.1
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.12.0
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.12.1
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.13.0
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.13.1
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.14.0
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.14.1
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.15.0
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.15.1
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.15.2
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.16.0
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.16.1
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.16.2
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.16.3
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.17.0
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.18.0
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.19.0
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.19.1
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.20.0
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.21.0
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.22.0
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.22.1
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.23.0
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.24.0
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.25.0
-
cpe:2.3:a:defenseunicorns:uds_identity_config:0.26.0