RedhatCVELIST:CVE-2024-7387CVE-2024-7387 Openshift/builder: path traversal allows command injection in privileged buildcontainer using docker build strategy
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
EPSS
Percentile
16.4%
A flaw was found in openshift/builder. This vulnerability allows command injection via path traversal, where a malicious user can execute arbitrary commands on the OpenShift node running the builder container. When using the “Docker” strategy, executable files inside the privileged build container can be overridden using the spec.source.secrets.secret.destinationDir attribute of the BuildConfig definition. An attacker running code in a privileged container could escalate their permissions on the node running the container.
CNA Affected
[
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.12",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "openshift4/ose-docker-builder",
"defaultStatus": "affected",
"versions": [
{
"version": "v4.12.0-202409121032.p1.g609473f.assembly.stream.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift:4.12::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.13",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "openshift4/ose-docker-builder",
"defaultStatus": "affected",
"versions": [
{
"version": "v4.13.0-202409120505.p1.g2c7e99d.assembly.stream.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift:4.13::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.14",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "openshift4/ose-docker-builder",
"defaultStatus": "affected",
"versions": [
{
"version": "v4.14.0-202409111409.p1.g52565ca.assembly.stream.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift:4.14::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.15",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "openshift4/ose-docker-builder",
"defaultStatus": "affected",
"versions": [
{
"version": "v4.15.0-202409101936.p1.ge7749a3.assembly.stream.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift:4.15::el8",
"cpe:/a:redhat:openshift:4.15::el9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.16",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "openshift4/ose-docker-builder-rhel9",
"defaultStatus": "affected",
"versions": [
{
"version": "v4.16.0-202409101737.p1.gfee4b58.assembly.stream.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift:4.16::el9"
]
}
]Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
EPSS
Percentile
16.4%