A flaw was found in the Submariner project. Due to unnecessary role-based access control permissions, a privileged attacker can run a malicious container on a node that may allow them to steal service account tokens and further compromise other nodes and potentially the entire cluster.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2024-05-17T13:12:00.551Z
Updated: 2024-06-04T18:01:39.816Z
Reserved: 2024-05-17T03:54:30.320Z
Link: CVE-2024-5042
JSON object: View
NVD Information
Status : Awaiting Analysis
Published: 2024-05-17T14:15:21.123
Modified: 2024-05-20T06:15:08.723
Link: CVE-2024-5042
JSON object: View
Redhat Information
No data.
CWE