CVELIST (Red Hat): CVE-2024-1725
History: Mar 07, 2024, 8:09 p.m.

CVE-2024-1725 Kubevirt-csi: persistentvolume allows access to hcp's root node

Published: 2024-03-07 20:09:11
Source: redhat (www.cve.org)
Weakness: CWE-501
Tags: kubevirt-csi, openshift virtualization, hosted control plane, authenticated attacker, persistent volume

CVSS3: 8.1 High
  Attack Vector: NETWORK
  Attack Complexity: LOW
  Privileges Required: LOW
  User Interaction: NONE
  Scope: UNCHANGED
  Confidentiality Impact: HIGH
  Integrity Impact: HIGH
  Availability Impact: NONE
  Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

AI Score: 8.2 High (Confidence: High)

EPSS: 0.0004 Low (Percentile: 15.7%)

A flaw was found in the kubevirt-csi component of OpenShift Virtualization’s Hosted Control Plane (HCP). This issue could allow an authenticated attacker to gain access to the root HCP worker node’s volume by creating a custom Persistent Volume that matches the name of a worker node.

CNA Affected

[
  {
    "vendor": "Red Hat",
    "product": "Red Hat OpenShift Container Platform 4.13",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "openshift4/kubevirt-csi-driver-rhel8",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "v4.13.0-202404200313.p0.g9d909f7.assembly.stream.el8",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:openshift:4.13::el8",
      "cpe:/a:redhat:openshift:4.13::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat OpenShift Container Platform 4.14",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "openshift4/kubevirt-csi-driver-rhel8",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "v4.14.0-202404161544.p0.g48fafc4.assembly.stream.el8",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:openshift:4.14::el9",
      "cpe:/a:redhat:openshift:4.14::el8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat OpenShift Container Platform 4.15",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "openshift4/kubevirt-csi-driver-rhel8",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "v4.15.0-202403220332.p0.gd3bdbce.assembly.stream.el8",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:openshift:4.15::el9",
      "cpe:/a:redhat:openshift:4.15::el8"
    ]
  }
]
