Description

A flaw was found in Red Hat Quay. When Red Hat Quay requests password re-verification for sensitive operations, such as token generation or robot account creation, the re-authentication prompt can be bypassed. This allows a user with a timed-out session, or an attacker with access to an idle authenticated browser session, to perform privileged actions without providing valid credentials. The vulnerability enables unauthorized execution of sensitive operations despite the user interface displaying an error for invalid credentials.

PUBLISHED | Reserved 2026-04-22 | Published 2026-04-22 | Updated 2026-04-22 | Assigner redhat

MEDIUM: 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Problem types

Insufficient Session Expiration

Product status

Default status
affected

Default status
affected

Timeline

2026-04-10: Reported to Red Hat.
2026-04-10: Made public.

Credits

This issue was discovered by Davide Scrimieri (Red Hat).

References

access.redhat.com/security/cve/CVE-2026-6848 (vdb-entry)

bugzilla.redhat.com/show_bug.cgi?id=2460119 (RHBZ#2460119, issue-tracking)

cve.org (CVE-2026-6848)

nvd.nist.gov (CVE-2026-6848)