Lucene search

GitHub Advisory DatabaseGHSA-2RHX-QHXP-5JPW

HistoryMay 17, 2024 - 3:31 p.m.

Submariner Operator sets unnecessary RBAC permissions in helm charts

2024-05-1715:31:10

CWE-250

GitHub Advisory Database

github.com

submariner

rbac

flaw

permissions

attacker

container

compromise

cluster

6.6 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N

6.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.5%

JSON

A flaw was found in the Submariner project. Due to unnecessary role-based access control permissions, a privileged attacker can run a malicious container on a node that may allow them to steal service account tokens and further compromise other nodes and potentially the entire cluster.

Affected configurations

Vulners

Node

github_advisory_databasegithub.com\/submariner-io\/submariner-operatorRange≤0.18.0-m3

github_advisory_databasegithub.com\/submariner-io\/submariner-operatorRange<0.16.4

CPENameOperatorVersion
github.com/submariner-io/submariner-operatorle0.18.0-m3
github.com/submariner-io/submariner-operatorlt0.16.4

CPE	Name	Operator	Version
	github.com/submariner-io/submariner-operator	le	0.18.0-m3
	github.com/submariner-io/submariner-operator	lt	0.16.4

References

access.redhat.com/security/cve/CVE-2024-5042

bugzilla.redhat.com/show_bug.cgi?id=2280921

github.com/advisories/GHSA-2rhx-qhxp-5jpw

github.com/submariner-io/submariner-operator/commit/b27a04c4270e53cbff6ff8ac6245db10c204bcab

github.com/submariner-io/submariner-operator/issues/3041

github.com/submariner-io/submariner-operator/pull/3040

nvd.nist.gov/vuln/detail/CVE-2024-5042

6.6 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N

6.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.5%

JSON

Related for GHSA-2RHX-QHXP-5JPW