{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-5042", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2024-05-17T03:54:30.320Z", "datePublished": "2024-05-17T13:12:00.551Z", "dateUpdated": "2024-09-16T16:23:08.571Z"}, "containers": {"cna": {"title": "Submariner-operator: rbac permissions can allow for the spread of node compromises", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A flaw was found in the Submariner project. Due to unnecessary role-based access control permissions, a privileged attacker can run a malicious container on a node that may allow them to steal service account tokens and further compromise other nodes and potentially the entire cluster."}], "affected": [{"vendor": "Red Hat", "product": "RHODF-4.16-RHEL-9", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "odf4/odf-multicluster-rhel9-operator", "defaultStatus": "affected", "versions": [{"version": "v4.16.0-19", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:openshift_data_foundation:4.16::el9"]}, {"vendor": "Red Hat", "product": "Red Hat Advanced Cluster Management for Kubernetes 2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhacm2/lighthouse-agent-rhel8", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:acm:2"]}, {"vendor": "Red Hat", "product": "Red Hat Advanced Cluster Management for Kubernetes 2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhacm2/lighthouse-coredns-rhel8", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:acm:2"]}, {"vendor": "Red Hat", "product": "Red Hat Advanced Cluster Management for Kubernetes 2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhacm2/submariner-gateway-rhel8", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:acm:2"]}, {"vendor": "Red Hat", "product": "Red Hat Advanced Cluster Management for Kubernetes 2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhacm2/submariner-globalnet-rhel8", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:acm:2"]}, {"vendor": "Red Hat", "product": "Red Hat Advanced Cluster Management for Kubernetes 2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhacm2/submariner-rhel8-operator", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:acm:2"]}, {"vendor": "Red Hat", "product": "Red Hat Advanced Cluster Management for Kubernetes 2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhacm2/submariner-route-agent-rhel8", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:acm:2"]}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2024:4591", "name": "RHSA-2024:4591", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2024-5042", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280921", "name": "RHBZ#2280921", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://github.com/advisories/GHSA-2rhx-qhxp-5jpw"}], "datePublic": "2024-05-16T00:00:00+00:00", "problemTypes": [{"descriptions": [{"cweId": "CWE-250", "description": "Execution with Unnecessary Privileges", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-250: Execution with Unnecessary Privileges", "timeline": [{"lang": "en", "time": "2024-05-15T00:00:00+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2024-05-16T00:00:00+00:00", "value": "Made public."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2024-09-16T16:23:08.571Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-5042", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-05-20T14:43:37.969142Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T18:01:39.816Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:03:10.599Z"}, "title": "CVE Program Container", "references": [{"url": "https://access.redhat.com/errata/RHSA-2024:4591", "name": "RHSA-2024:4591", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/security/cve/CVE-2024-5042", "tags": ["vdb-entry", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280921", "name": "RHBZ#2280921", "tags": ["issue-tracking", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://github.com/advisories/GHSA-2rhx-qhxp-5jpw", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://access.redhat.com/errata/RHSA-2024:4591", "name": "RHSA-2024:4591", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/security/cve/CVE-2024-5042", "tags": ["vdb-entry", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280921", "name": "RHBZ#2280921", "tags": ["issue-tracking", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://github.com/advisories/GHSA-2rhx-qhxp-5jpw", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:03:10.599Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-5042", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-05-20T14:43:37.969142Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-20T14:43:55.603Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "Submariner-operator: rbac permissions can allow for the spread of node compromises", "metrics": [{"other": {"type": "Red Hat severity rating", "content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}}}, {"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.6, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}}], "affected": [{"cpes": ["cpe:/a:redhat:openshift_data_foundation:4.16::el9"], "vendor": "Red Hat", "product": "RHODF-4.16-RHEL-9", "versions": [{"status": "unaffected", "version": "v4.16.0-19", "lessThan": "*", "versionType": "rpm"}], "packageName": "odf4/odf-multicluster-rhel9-operator", "collectionURL": "https://catalog.redhat.com/software/containers/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:acm:2"], "vendor": "Red Hat", "product": "Red Hat Advanced Cluster Management for Kubernetes 2", "packageName": "rhacm2/lighthouse-agent-rhel8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:acm:2"], "vendor": "Red Hat", "product": "Red Hat Advanced Cluster Management for Kubernetes 2", "packageName": "rhacm2/lighthouse-coredns-rhel8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:acm:2"], "vendor": "Red Hat", "product": "Red Hat Advanced Cluster Management for Kubernetes 2", "packageName": "rhacm2/submariner-gateway-rhel8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:acm:2"], "vendor": "Red Hat", "product": "Red Hat Advanced Cluster Management for Kubernetes 2", "packageName": "rhacm2/submariner-globalnet-rhel8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:acm:2"], "vendor": "Red Hat", "product": "Red Hat Advanced Cluster Management for Kubernetes 2", "packageName": "rhacm2/submariner-rhel8-operator", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:acm:2"], "vendor": "Red Hat", "product": "Red Hat Advanced Cluster Management for Kubernetes 2", "packageName": "rhacm2/submariner-route-agent-rhel8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}], "timeline": [{"lang": "en", "time": "2024-05-15T00:00:00+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2024-05-16T00:00:00+00:00", "value": "Made public."}], "datePublic": "2024-05-16T00:00:00+00:00", "references": [{"url": "https://access.redhat.com/errata/RHSA-2024:4591", "name": "RHSA-2024:4591", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2024-5042", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280921", "name": "RHBZ#2280921", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://github.com/advisories/GHSA-2rhx-qhxp-5jpw"}], "descriptions": [{"lang": "en", "value": "A flaw was found in the Submariner project. Due to unnecessary role-based access control permissions, a privileged attacker can run a malicious container on a node that may allow them to steal service account tokens and further compromise other nodes and potentially the entire cluster."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-250", "description": "Execution with Unnecessary Privileges"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2024-09-16T16:23:08.571Z"}, "x_redhatCweChain": "CWE-250: Execution with Unnecessary Privileges"}}, "cveMetadata": {"cveId": "CVE-2024-5042", "state": "PUBLISHED", "dateUpdated": "2024-09-16T16:23:08.571Z", "dateReserved": "2024-05-17T03:54:30.320Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2024-05-17T13:12:00.551Z", "assignerShortName": "redhat"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in the Submariner project. Due to unnecessary role-based access control permissions, a privileged attacker can run a malicious container on a node that may allow them to steal service account tokens and further compromise other nodes and potentially the entire cluster."}, {"lang": "es", "value": "Se encontr\u00f3 un fallo en el proyecto Submariner. Debido a permisos innecesarios de control de acceso basados en roles, un atacante privilegiado puede ejecutar un contenedor malicioso en un nodo que puede permitirle robar tokens de cuentas de servicio y comprometer a\u00fan m\u00e1s otros nodos y potencialmente todo el cl\u00faster."}], "id": "CVE-2024-5042", "lastModified": "2024-07-17T16:15:05.160", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 4.7, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2024-05-17T14:15:21.123", "references": [{"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:4591"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/security/cve/CVE-2024-5042"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280921"}, {"source": "secalert@redhat.com", "url": "https://github.com/advisories/GHSA-2rhx-qhxp-5jpw"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-250"}], "source": "secalert@redhat.com", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:4591", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9", "package": "odf4/odf-multicluster-rhel9-operator:v4.16.0-19", "product_name": "RHODF-4.16-RHEL-9", "release_date": "2024-07-17T00:00:00Z"}], "bugzilla": {"description": "submariner-operator: RBAC permissions can allow for the spread of node compromises", "id": "2280921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280921"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.6", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N", "status": "verified"}, "cwe": "CWE-250", "details": ["A flaw was found in the Submariner project. Due to unnecessary role-based access control permissions, a privileged attacker can run a malicious container on a node that may allow them to steal service account tokens and further compromise other nodes and potentially the entire cluster.", "A flaw was found in the Submariner project. Due to unnecessary role-based access control permissions, a privileged attacker can run a malicious container on a node that may allow them to steal service account tokens and further compromise other nodes and potentially the entire cluster."], "name": "CVE-2024-5042", "package_state": [{"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/lighthouse-agent-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/lighthouse-coredns-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/submariner-gateway-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/submariner-globalnet-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/submariner-rhel8-operator", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/submariner-route-agent-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}], "public_date": "2024-05-16T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-5042\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-5042\nhttps://github.com/advisories/GHSA-2rhx-qhxp-5jpw"], "statement": "For the submariner operator in Red Hat Advanced Cluster Management for Kubernetes, the submariner-security outlined potential vulnerabilities regarding RBAC permissions being too broad. Those permissions make it possible to create, patch or update statefulsets or replicasets resources. This may allow new privileged containers escaping them and gaining root privileges on any worker nodes where those containers have been deployed within the cluster.", "threat_severity": "Moderate", "upstream_fix": "submariner-operator 0.16.4"}