Description
A privilege escalation vulnerability was found in the incluster-checks tool for OpenShift. The tool creates privileged debug pods with host filesystem access in the shared default namespace, where any user with the standard edit role can exec into them and obtain root access on cluster nodes.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
Mon, 13 Jul 2026 13:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A privilege escalation vulnerability was found in the incluster-checks tool for OpenShift. The tool creates privileged debug pods with host filesystem access in the shared default namespace, where any user with the standard edit role can exec into them and obtain root access on cluster nodes. | |
| Title | Redhatinsights/incluster-checks: incluster-checks: privileged host-chroot debug pods created in shared default namespace enable privilege escalation to node root | |
| First Time appeared |
Redhat
Redhat pdrive Lightspeed |
|
| Weaknesses | CWE-250 | |
| CPEs | cpe:/a:redhat:pdrive_lightspeed:1 | |
| Vendors & Products |
Redhat
Redhat pdrive Lightspeed |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2026-07-13T12:01:06.562Z
Reserved: 2026-07-13T11:47:02.045Z
Link: CVE-2026-15584
No data.
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-250
Execution with Unnecessary Privileges