Openshift Builder Vulnerability: Command Injection via Path Traversal
CVE-2024-7387

9.1CRITICAL

Key Information:

Status: Red Hat Openshift Container Platform 4.12; Red Hat Openshift Container Platform 4.13; Red Hat Openshift Container Platform 4.14
Vendor: CVE Published:; 17 September 2024

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2024-7387?

A vulnerability exists in OpenShift Builder where improper handling of file paths can lead to command injection. An attacker who exploits this vulnerability could gain the ability to execute arbitrary commands on the host running the builder container. This flaw specifically affects the use of the ‘Docker’ strategy within OpenShift, as malicious users can override executable files in the privileged build container using the spec.source.secrets.secret.destinationDir attribute in the BuildConfig definition. Should an attacker gain access to a privileged container, they could potentially escalate their permissions on the OpenShift node, leading to significant security implications.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

cve-2024-7387
Created by fatcatresearch

cve-2024-7387
Created by 0xSigSegv0x00