CVE-2024-5042
Published: May 17, 2024
Modified: Jun 2, 2026
CVSS v3.1: 6.6
Description
A flaw was found in the Submariner project. Due to unnecessary role-based access control permissions, a privileged attacker can run a malicious container on a node that may allow them to steal service account tokens and further compromise other nodes and potentially the entire cluster.
| Vendor | Product | Versions |
|---|---|---|
| Unknown | submariner-operator | affected 0 - < 0.14.9; affected 0.15.0 - < 0.15.5; affected 0.16.0 - < 0.16.7; affected 0.17.0 - < 0.17.2; affected 0.18.0-m0 - < 0.18.0-rc0 |
| Red Hat | RHODF-4.16-RHEL-9 | unaffected v4.16.0-19 - < * |
| Red Hat | Red Hat Openshift Data Foundation 4.2 | unaffected 1774540992 - < * |
| Red Hat | Red Hat Openshift Data Foundation 4.2 | unaffected 1774540668 - < * |
| Red Hat | Red Hat Openshift Data Foundation 4.2 | unaffected 1774541259 - < * |
| Red Hat | Red Hat Openshift Data Foundation 4.2 | unaffected 1774541345 - < * |
| Red Hat | Red Hat Openshift Data Foundation 4.2 | unaffected 1774541880 - < * |
| Red Hat | Red Hat Openshift Data Foundation 4.2 | unaffected 1774541518 - < * |
| Red Hat | Red Hat Openshift Data Foundation 4.2 | unaffected 1774541420 - < * |
| Red Hat | Red Hat Openshift Data Foundation 4.2 | unaffected 1774541448 - < * |
| Red Hat | Red Hat Openshift Data Foundation 4.2 | unaffected 1774541663 - < * |
| Red Hat | Red Hat Openshift Data Foundation 4.2 | unaffected 1774541469 - < * |
| Red Hat | Red Hat Openshift Data Foundation 4.2 | unaffected 1774542075 - < * |
| Red Hat | Red Hat Openshift Data Foundation 4.2 | unaffected 1774541617 - < * |
| Red Hat | Red Hat Openshift Data Foundation 4.2 | unaffected 1774541614 - < * |
| Red Hat | Red Hat Openshift Data Foundation 4.2 | unaffected 1774541633 - < * |
| Red Hat | Red Hat Openshift Data Foundation 4.2 | unaffected 1774541625 - < * |
| Red Hat | Red Hat Openshift Data Foundation 4.2 | unaffected 1774542179 - < * |
| Red Hat | Red Hat Openshift Data Foundation 4.2 | unaffected 1774541779 - < * |
| Red Hat | Red Hat Openshift Data Foundation 4.2 | unaffected 1774541857 - < * |
| Red Hat | Red Hat Openshift Data Foundation 4.2 | unaffected 1774541919 - < * |
| Red Hat | Red Hat Openshift Data Foundation 4.2 | unaffected 1774542101 - < * |
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2 | All versions |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N
Attack Vector: Network
Attack Complexity: High
Privileges Required: High
User Interaction: None
Scope: Changed
Confidentiality: Low
Integrity: High
Availability: None
References