A flaw was found in the Submariner project. Due to unnecessary role-based access control permissions, a privileged attacker can run a malicious container on a node that may allow them to steal service account tokens and further compromise other nodes and potentially the entire cluster.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2024-05-17T13:12:00.551Z
Updated: 2024-09-16T16:23:08.571Z
Reserved: 2024-05-17T03:54:30.320Z
Link: CVE-2024-5042
Vulnrichment
Updated: 2024-08-01T21:03:10.599Z
NVD
Status : Awaiting Analysis
Published: 2024-05-17T14:15:21.123
Modified: 2024-07-17T16:15:05.160
Link: CVE-2024-5042
Redhat