A flaw was found in the Hive ClusterDeployments resource in OpenShift Dedicated. In certain conditions, this issue may allow a developer account on a Hive-enabled cluster to obtain cluster-admin privileges by executing arbitrary commands on the hive/hive-controllers pod.
Metrics
Affected Vendors & Products
References
History
Thu, 06 Feb 2025 08:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Tue, 31 Dec 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 31 Dec 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A flaw was found in the Hive ClusterDeployments resource in OpenShift Dedicated. In certain conditions, this issue may allow a developer account on a Hive-enabled cluster to obtain cluster-admin privileges by executing arbitrary commands on the hive/hive-controllers pod. | |
Title | Openshift-dedicated: hive: rce through aws/kubernetes client configuration leads to privilege escalation | |
Weaknesses | CWE-284 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: redhat
Published: 2024-12-31T14:25:19.455Z
Updated: 2025-02-06T08:27:21.124Z
Reserved: 2024-02-05T18:35:14.363Z
Link: CVE-2024-25133

Updated: 2024-12-31T14:55:50.376Z

Status : Awaiting Analysis
Published: 2024-12-31T15:15:08.283
Modified: 2025-02-06T09:15:10.650
Link: CVE-2024-25133

No data.