Impact
The vulnerability allows an authenticated user to submit arbitrarily deep GraphQL queries to the Central API. Those requests consume large amounts of CPU and memory, exhausting resources in the management plane and causing a denial of service. The weakness is a classic resource exhaustion condition.
Affected Systems
Red Hat Advanced Cluster Security 4 for Kubernetes is affected. No further sub‑version detail is provided, so all instances running version 4 are at risk.
Risk and Exploitability
The CVSS score of 7.7 marks it as high severity, but the EPSS score of less than 1% indicates a very low likelihood of exploitation. It is not listed in the CISA KEV catalog. The attack requires an authenticated user with a valid API token; an attacker needs to obtain or be granted API credentials before being able to exploit the flaw.
OpenCVE Enrichment