Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistRedhatCVELIST:CVE-2024-6840
HistorySep 12, 2024 - 4:35 p.m.

CVE-2024-6840 Automation-controller: gain access to the k8s api server via job execution with container group

2024-09-1216:35:08
CWE-285
redhat
www.cve.org
5
cve-2024-6840
automation controller
ansible
k8s api
http request
service account

CVSS3

6.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:N

EPSS

0

Percentile

16.3%

JSON

An improper authorization flaw exists in the Ansible Automation Controller. This flaw allows an attacker using the k8S API server to send an HTTP request with a service account token mounted via automountServiceAccountToken: true, resulting in privilege escalation to a service account.

CNA Affected

[
  {
    "vendor": "Red Hat",
    "product": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "automation-controller",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:4.5.10-1.el8ap",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8",
      "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8",
      "cpe:/a:redhat:ansible_automation_platform:2.4::el9",
      "cpe:/a:redhat:ansible_automation_platform:2.4::el8",
      "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
      "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "automation-controller",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:4.5.10-1.el9ap",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8",
      "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8",
      "cpe:/a:redhat:ansible_automation_platform:2.4::el9",
      "cpe:/a:redhat:ansible_automation_platform:2.4::el8",
      "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
      "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9"
    ]
  }
]

Related

nvd 1
vulnrichment 1
cve 1
redhatcve 1
redhat 1
nessus 1
nvd
nvd
CVE-2024-6840
2024-09-12 17:15:05
vulnrichment
vulnrichment
CVE-2024-6840 Automation-controller: gain access to the k8s api server via job execution with container group
2024-09-12 16:35:08
cve
cve
CVE-2024-6840
2024-09-12 17:15:05
redhatcve
redhatcve
CVE-2024-6840
2024-09-05 09:11:37
redhat
redhat
(RHSA-2024:6428) Moderate: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update
2024-09-05 14:03:16
nessus
nessus
RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2024:6428)
2024-09-09 00:00:00

CVSS3

6.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:N

EPSS

0

Percentile

16.3%

JSON
Related for CVELIST:CVE-2024-6840
nvd1vulnrichment1cve1redhatcve1redhat1nessus1