CVE-2024-6538
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Summary
CVE-2024-6538 is a Server Side Request Forgery (SSRF) vulnerability in OpenShift Console. An authenticated user can supply all or part of a URL that the server then fetches on the user's behalf. Because the console runs in a privileged network position, an attacker can use it to reach services that network filtering would otherwise block from clients. The flaw is in the /api/dev-console/proxy/internet endpoint, which lets the console's pod perform arbitrary, fully attacker-controlled HTTP(S) requests. Despite its name, the endpoint does not restrict the scope of those requests in any way. An attacker outside the cluster can therefore have the console issue HTTP requests to services inside the cluster, potentially disclosing sensitive information or causing other harm.
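As an added illustration (not code from OpenShift Console and not its patch for this CVE), the following Go check shows the kind of target validation a proxy endpoint like the one above lacks: it accepts only http and https URLs, rejects cluster-internal DNS names, resolves the host once and refuses any answer that is not a public unicast address, and returns the vetted IPs so the caller can dial them directly instead of re-resolving. The fake host table, the blocked suffix list and the treatment of 100.64.0.0/10 as non-public are assumptions made for the example.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"net/url"
	"strings"
)

// Resolver abstracts DNS lookup so the check can run offline; production code
// would pass net.LookupIP here.
type Resolver func(host string) ([]net.IP, error)

var (
	ErrScheme   = errors.New("scheme must be http or https")
	ErrName     = errors.New("host name is cluster-internal or unqualified")
	ErrInternal = errors.New("host resolves to a non-public address")
)

// IsPublicIP reports whether ip is a globally routable unicast address. Anything a
// pod can reach only because of its network position is rejected: loopback, RFC 1918,
// link-local (covers the 169.254.169.254 cloud metadata endpoint), multicast,
// unspecified, and 100.64.0.0/10 (shared address space, often used for cluster
// CIDRs; treating it as internal is an assumption of this example).
func IsPublicIP(ip net.IP) bool {
	if ip4 := ip.To4(); ip4 != nil {
		ip = ip4 // normalises IPv4-mapped IPv6 such as ::ffff:10.0.0.1
	}
	if ip.IsUnspecified() || ip.IsLoopback() || ip.IsPrivate() ||
		ip.IsLinkLocalUnicast() || ip.IsLinkLocalMulticast() || ip.IsMulticast() {
		return false
	}
	if len(ip) == net.IPv4len && ip[0] == 100 && ip[1]&0xc0 == 64 {
		return false
	}
	return true
}

// blockedName rejects names that cluster DNS resolves to in-cluster targets no
// matter what a public resolver would return for them.
func blockedName(host string) bool {
	if !strings.Contains(host, ".") {
		return true // a single label ("database") expands via the pod's search domains
	}
	for _, suffix := range []string{".svc", ".cluster.local", ".localhost"} {
		if strings.HasSuffix(host, suffix) {
			return true
		}
	}
	return false
}

// CheckTarget validates a user-supplied proxy target and returns the vetted
// addresses. Callers should dial one of these IPs (setting the Host header from
// the URL) rather than resolving again, so a DNS answer that changes between check
// and use cannot bypass the check.
func CheckTarget(raw string, resolve Resolver) ([]net.IP, error) {
	u, err := url.Parse(raw)
	if err != nil {
		return nil, err
	}
	if u.Scheme != "http" && u.Scheme != "https" {
		return nil, ErrScheme
	}
	host := strings.TrimSuffix(strings.ToLower(u.Hostname()), ".")
	if host == "" {
		return nil, errors.New("URL has no host")
	}
	var ips []net.IP
	if ip := net.ParseIP(host); ip != nil {
		ips = []net.IP{ip}
	} else {
		if blockedName(host) {
			return nil, fmt.Errorf("%w: %s", ErrName, host)
		}
		if ips, err = resolve(host); err != nil {
			return nil, err
		}
		if len(ips) == 0 {
			return nil, fmt.Errorf("no addresses for %q", host)
		}
	}
	// Every answer must be public: one internal record among several is enough to pivot.
	for _, ip := range ips {
		if !IsPublicIP(ip) {
			return nil, fmt.Errorf("%w: %s -> %s", ErrInternal, host, ip)
		}
	}
	return ips, nil
}

// FakeResolver builds a Resolver from a constructed host table (example data, not real DNS).
func FakeResolver(table map[string][]string) Resolver {
	return func(host string) ([]net.IP, error) {
		addrs, ok := table[host]
		if !ok {
			return nil, fmt.Errorf("lookup %s: no such host", host)
		}
		ips := make([]net.IP, 0, len(addrs))
		for _, a := range addrs {
			ips = append(ips, net.ParseIP(a))
		}
		return ips, nil
	}
}

func main() {
	resolve := FakeResolver(map[string][]string{
		"example.com":  {"93.184.216.34"},
		"evil.example": {"93.184.216.34", "10.0.0.5"}, // mixed answer: public plus in-cluster
	})
	for _, target := range []string{
		"https://example.com/healthz",
		"http://evil.example/",
		"http://169.254.169.254/latest/meta-data/",
		"http://kubernetes.default.svc/api",
		"http://[::ffff:10.0.0.1]:8080/",
		"file:///etc/passwd",
	} {
		if _, err := CheckTarget(target, resolve); err != nil {
			fmt.Printf("REJECT %-42s %v\n", target, err)
		} else {
			fmt.Printf("ALLOW  %s\n", target)
		}
	}
}
```

A denylist of address ranges like this is the minimum; where the proxy only needs to reach a known set of destinations, an allowlist of hosts is stronger. Redirects also need the same check on every hop (for example in an http.Client CheckRedirect callback), otherwise a public host can 302 the console back into the cluster.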