CVE-2024-12582

🗓️ 24 Dec 2024 03:31:24Reported by redhatType

Flawed authentication in Skupper may allow arbitrary file read and cause denial of service attacks.

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2024-12582	24 Dec 202403:37	–	circl
CNNVD	Red Hat Service Interconnect 安全漏洞	20 Dec 202400:00	–	cnnvd
Cvelist	CVE-2024-12582 Skupper: skupper-cli: flawed authentication method may lead to arbitrary file read or denial of service	24 Dec 202403:31	–	cvelist
EUVD	EUVD-2024-50973	3 Oct 202520:07	–	euvd
NVD	CVE-2024-12582	24 Dec 202404:15	–	nvd
Prion	CVE-2024-12582	24 Dec 202404:15	–	prion
Positive Technologies	PT-2024-9926 · Unknown · Skupper Console	20 Dec 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-12582	20 Dec 202417:55	–	redhatcve
RedHat Linux	Important: Red Hat Security Advisory: Updated service-interconnect rhel9 container images for 1.8	13 Feb 202513:36	–	redhat
SUSE CVE	SUSE CVE-2024-12582	23 Dec 202420:18	–	susecve

[
  {
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "1.8.3",
        "versionType": "semver"
      }
    ],
    "packageName": "skupper",
    "collectionURL": "https://github.com/skupperproject/skupper/",
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Red Hat",
    "product": "Service Interconnect 1 for RHEL 9",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "service-interconnect/skupper-config-sync-rhel9",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "1.8.3-1",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:service_interconnect:1::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Service Interconnect 1 for RHEL 9",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "service-interconnect/skupper-controller-podman-container-rhel9",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "1.8.3-1",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:service_interconnect:1::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Service Interconnect 1 for RHEL 9",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "service-interconnect/skupper-controller-podman-rhel9",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "1.8.3-1",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:service_interconnect:1::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Service Interconnect 1 for RHEL 9",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "service-interconnect/skupper-flow-collector-rhel9",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "1.8.3-1",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:service_interconnect:1::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Service Interconnect 1 for RHEL 9",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "service-interconnect/skupper-operator-bundle",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "1.8.3-1",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:service_interconnect:1::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Service Interconnect 1 for RHEL 9",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "service-interconnect/skupper-router-rhel9",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "2.7.3-1",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:service_interconnect:1::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Service Interconnect 1 for RHEL 9",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "service-interconnect/skupper-service-controller-rhel9",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "1.8.3-1",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:service_interconnect:1::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Service Interconnect 1 for RHEL 9",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "service-interconnect/skupper-site-controller-rhel9",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "1.8.3-1",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:service_interconnect:1::el9"
    ]
  }
]

Source	Link
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
github	www.github.com/skupperproject/skupper/pull/1833
access	www.access.redhat.com/errata/RHSA-2025:1413
access	www.access.redhat.com/security/cve/CVE-2024-12582

06 May 2026 17:16Current

7High risk

Vulners AI Score7

CVSS 3.17.1

EPSS0.00151

SSVC

CWE-305