Fence Agents Vulnerability can lead to Privilege Escalation
Key Information
- Vendor: Red Hat
- Status: Fence Agents Remediation 0.4 For Rhel 8
- CVE Published: 12 August 2024
Summary
A flaw was found in the Fence Agents Remediation operator. This vulnerability can allow a Remote Code Execution (RCE) primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a specially crafted FenceAgentsRemediation for a fence agent supporting --ssh-path/--telnet-path arguments to execute arbitrary commands on the operator's pod. This RCE leads to a privilege escalation, first as the service account running the operator, then to another service account with cluster-admin privileges.
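A defender-side check for the condition described above, added here as an example (not code from the advisory or from the operator). It audits a FenceAgentsRemediation object and flags --ssh-path/--telnet-path values that are not bare, allowlisted binary paths. The spec layout (spec.sharedparameters as option -> value, spec.nodeparameters as option -> node -> value), the allowlisted paths and the sample objects are assumptions.

```python
from typing import Dict, List

# Assumed allowlist: the only executables the operator pod should launch via
# these options. Both options name a binary the fence agent will execute, so
# their values must be fixed absolute paths, never free-form text.
ALLOWED_EXECUTABLES = {
    "--ssh-path": {"/usr/bin/ssh"},
    "--telnet-path": {"/usr/bin/telnet"},
}

def _check_value(option: str, value: str, where: str) -> List[str]:
    """Return findings for one option/value pair (empty list if acceptable)."""
    allowed = ALLOWED_EXECUTABLES.get(option)
    if allowed is None:
        return []
    # Whitespace or shell metacharacters mean the value is not a bare path.
    if any(ch.isspace() or ch in ";|&$`<>()" for ch in value):
        return [f"{where}: {option} value is not a bare path"]
    if not value.startswith("/") or value not in allowed:
        return [f"{where}: {option}={value!r} is not an allowlisted binary"]
    return []

def validate_far(cr: Dict) -> List[str]:
    """Audit a FenceAgentsRemediation CR; an empty list means no finding."""
    spec = cr.get("spec", {})
    findings: List[str] = []
    for opt, val in (spec.get("sharedparameters") or {}).items():
        findings += _check_value(opt, str(val), "sharedparameters")
    for opt, per_node in (spec.get("nodeparameters") or {}).items():
        for node, val in (per_node or {}).items():
            findings += _check_value(opt, str(val), f"nodeparameters/{node}")
    return findings

# Constructed sample objects (illustrative agent name, not from the advisory).
SAFE_CR = {"apiVersion": "fence-agents-remediation.medik8s.io/v1alpha1",
           "kind": "FenceAgentsRemediation",
           "metadata": {"name": "worker-1"},
           "spec": {"agent": "fence_ilo_ssh",
                    "sharedparameters": {"--ssh-path": "/usr/bin/ssh",
                                         "--username": "admin"}}}
SUSPECT_CR = {"apiVersion": "fence-agents-remediation.medik8s.io/v1alpha1",
              "kind": "FenceAgentsRemediation",
              "metadata": {"name": "worker-2"},
              "spec": {"agent": "fence_ilo_ssh",
                       "sharedparameters": {"--username": "admin"},
                       "nodeparameters": {"--ssh-path": {"worker-2": "/tmp/not-ssh"}}}}

if __name__ == "__main__":
    for cr in (SAFE_CR, SUSPECT_CR):
        print(cr["metadata"]["name"], validate_far(cr) or "ok")
```

The same check can run in a validating admission webhook or as a periodic audit over existing objects; either way, a finding should be treated as an attempt to run something other than the fencing client.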
Affected Version(s)
Fence Agents Remediation 0.4 for RHEL 8 <= v0.4.1-22
CVSS V3.1
Timeline
- Risk change from: null to: 8.8 - (HIGH)
- Vulnerability published.
- Vulnerability reserved.
- Reported to Red Hat.