Root Node Volume Access Vulnerability Discovered in OpenShift Virtualization's HCP
CVE-2024-1725
6.5 MEDIUM
Key Information:
- Vendor: Red Hat
- Status
- Vendor
- CVE Published: 7 March 2024
What is CVE-2024-1725?
A vulnerability exists in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane (HCP) that may allow an authenticated attacker to gain unauthorized access to the root volume of HCP worker nodes. The attacker achieves this by creating a tailored Persistent Volume that corresponds with the worker node's name. If exploited, this flaw could lead to significant security breaches, because it allows sensitive information residing in the root volume to be accessed or modified. It is crucial for users to assess their deployments and apply the necessary updates to mitigate this risk.
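A defensive audit for the condition described above, added here as an example and not taken from Red Hat or the kubevirt-csi project: it flags Persistent Volumes served by the kubevirt-csi driver whose name, volume handle or volume attributes equal a worker node name. Assumptions: the driver name `csi.kubevirt.io`, the choice of PV fields to compare (the advisory does not say which field must match), and input taken from `kubectl get pv -o json` and `kubectl get nodes -o json` on the hosted cluster; the sample objects are constructed.

```python
import json

# Assumption: CSI driver name used by kubevirt-csi (not stated in the advisory).
KUBEVIRT_CSI_DRIVER = "csi.kubevirt.io"

def suspicious_pvs(pv_list, node_list, driver=KUBEVIRT_CSI_DRIVER):
    """Return (pv_name, field, node_name) for every PV field that equals a node name."""
    node_names = {n["metadata"]["name"] for n in node_list.get("items", [])}
    findings = []
    for pv in pv_list.get("items", []):
        csi = pv.get("spec", {}).get("csi")
        if not csi or csi.get("driver") != driver:
            continue  # only volumes handled by kubevirt-csi are in scope
        # Assumption: these are the fields worth comparing against node names.
        candidates = {
            "metadata.name": pv["metadata"]["name"],
            "spec.csi.volumeHandle": csi.get("volumeHandle", ""),
        }
        for key, value in (csi.get("volumeAttributes") or {}).items():
            candidates[f"spec.csi.volumeAttributes.{key}"] = value
        for field, value in candidates.items():
            if value in node_names:
                findings.append((pv["metadata"]["name"], field, value))
    return findings

# Constructed sample data shaped like `kubectl get nodes/pv -o json` output.
SAMPLE_NODES = json.loads("""{"items": [
  {"metadata": {"name": "hcp-worker-a1"}},
  {"metadata": {"name": "hcp-worker-b2"}}]}""")

SAMPLE_PVS = json.loads("""{"items": [
  {"metadata": {"name": "pvc-1111"},
   "spec": {"csi": {"driver": "csi.kubevirt.io", "volumeHandle": "pvc-1111"}}},
  {"metadata": {"name": "data-restore"},
   "spec": {"csi": {"driver": "csi.kubevirt.io", "volumeHandle": "hcp-worker-a1"}}},
  {"metadata": {"name": "hcp-worker-b2"},
   "spec": {"csi": {"driver": "other.csi.example", "volumeHandle": "vol-9"}}},
  {"metadata": {"name": "local-scratch"},
   "spec": {"hostPath": {"path": "/mnt/scratch"}}}]}""")

if __name__ == "__main__":
    for pv_name, field, node in suspicious_pvs(SAMPLE_PVS, SAMPLE_NODES):
        print(f"REVIEW: PV {pv_name}: {field} matches worker node {node}")
```

Any finding on a real cluster is a prompt to check who created the volume and whether the kubevirt-csi update has been applied, not proof of compromise.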