Vulnerability in Open Cluster Management Impacting Cluster-Manager Deployments

CVE-2024-9779

7.5HIGH

Key Information

Vendor: Red Hat
Vendor: CVE Published:; 17 December 2024

Summary

CVE-2024-9779 is a critical vulnerability found within Open Cluster Management (OCM) that allows unauthorized access to cluster-manager deployments. If an attacker gains access to a worker node, they can exploit this flaw due to a permissive service account configuration. The cluster-manager deployment utilizes a service account sharing its name with the ClusterRole, granting permissions to create Pod resources. An attacker controlling a node can obtain the sensitive cluster-manager token, allowing them to access and manipulate the entire cluster by mounting malicious service accounts. This poses a significant risk to the confidentiality, integrity, and availability of managed clusters, necessitating immediate attention and remediation.

References

https://access.redhat.com/security/cve/CVE-2024-9779

https://bugzilla.redhat.com/show_bug.cgi?id=2317916

https://github.com/open-cluster-management-io/ocm/pull/325

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Dec 17, 2024

Collectors

NVD Database