CVE-2024-25133

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Dec 31, 2024
CWE ID 284

Summary

CVE-2024-25133 is a newly discovered vulnerability affecting the Hive ClusterDeployments resource in Red Hat OpenShift Dedicated. In specific scenarios, it permits a developer account in a Hive-enabled cluster to elevate privileges to cluster-admin by executing unauthorized commands on the hive/hive-controllers pod. This poses a significant risk, as it allows unintended access to critical cluster functionality and could lead to data breaches or system compromises. Affected organizations should apply the necessary patches promptly to mitigate this risk.
