Description
A flaw was found in the Submariner project. Due to unnecessary role-based access control permissions, a privileged attacker can run a malicious container on a node that may allow them to steal service account tokens and further compromise other nodes and potentially the entire cluster.
Scores
CVSS v3: 6.6
EPSS: 0.0006
EPSS Percentile: 19.7%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N
CISA SSVC
Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: total
Details
CWE: CWE-250
Status: published
Products (25)
Red Hat/Red Hat Advanced Cluster Management for Kubernetes 2
Red Hat/Red Hat Openshift Data Foundation 4.2
... and 15 more
Published: May 17, 2024
Tracked Since: Feb 18, 2026