CVE-2024-3154

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Apr 26, 2024
CWE ID 77

Summary

CVE-2024-3154 is a vulnerability found in cri-o, which allows an arbitrary systemd property to be injected via a Pod annotation. This flaw enables any user with the ability to create a pod with an arbitrary annotation to perform unauthorized actions on the host system. It affects the product "m1ofhw". To remediate this vulnerability, users should update their cri-o software to a patched version. This vulnerability poses a high danger to organizations as it has a base severity of HIGH and can lead to unauthorized access and control of the host system.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-3154 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options