CVE-2024-6538

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Nov 25, 2024
CWE ID 918

Summary

CVE-2024-6538 is a serious vulnerability affecting OpenShift Console. This issue allows authenticated users to execute Server Side Request Forgery (SSRF) attacks by supplying all or part of a URL for the server to query. Since the server is in a privileged network position, an attacker can reach services that are not accessible to clients because of network filtering. The vulnerability lies in the /api/dev-console/proxy/internet endpoint, which allows the console's pod to perform arbitrary, fully attacker-controlled HTTP(S) requests. Despite its name, the endpoint does not impose any checks on the scope of these requests. Consequently, an attacker can ask the console to perform HTTP requests from outside the cluster to a service inside the cluster, potentially disclosing sensitive information or causing other damaging effects.
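The missing control described above is a scope check on the caller-supplied target. The following Go function is an added illustration of such a check, not code from the OpenShift Console project: it rejects non-HTTP schemes, loopback, private, link-local and unspecified IP literals, cluster-internal DNS names, and anything not on an explicit allowlist (the `allowedHosts` entries are an assumed, constructed example).

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"net/url"
	"strings"
)

// Hypothetical allowlist of external hosts the proxy may reach (constructed example).
var allowedHosts = map[string]bool{
	"api.example.com": true,
}

// CheckProxyTarget validates a caller-supplied URL before the server fetches it.
// It returns nil when the target is permitted and an error explaining the refusal otherwise.
// Note: the resolved address must also be checked at dial time (e.g. in net.Dialer.Control),
// because a DNS name that passes here may still resolve to an internal address.
func CheckProxyTarget(raw string) error {
	u, err := url.Parse(raw)
	if err != nil {
		return fmt.Errorf("unparseable url: %w", err)
	}
	if u.Scheme != "http" && u.Scheme != "https" {
		return errors.New("scheme must be http or https")
	}
	if u.User != nil {
		return errors.New("userinfo in url is not allowed")
	}
	host := strings.ToLower(u.Hostname())
	if host == "" {
		return errors.New("missing host")
	}
	// Literal addresses pointing at the pod's own network or at internal ranges are refused outright.
	if ip := net.ParseIP(host); ip != nil {
		if ip.IsLoopback() || ip.IsPrivate() || ip.IsLinkLocalUnicast() || ip.IsUnspecified() {
			return fmt.Errorf("address %s is not reachable via the proxy", ip)
		}
	}
	// Kubernetes service names and single-label hosts are cluster-internal by construction.
	if strings.HasSuffix(host, ".svc") || strings.Contains(host, ".svc.") ||
		strings.HasSuffix(host, ".cluster.local") || !strings.Contains(host, ".") {
		return fmt.Errorf("host %q looks cluster-internal", host)
	}
	// Everything that survives the deny checks must still be explicitly allowlisted.
	if !allowedHosts[host] {
		return fmt.Errorf("host %q is not on the allowlist", host)
	}
	return nil
}

func main() {
	for _, t := range []string{"https://api.example.com/v1", "http://127.0.0.1:8080/", "https://kubernetes.default.svc/api"} {
		fmt.Printf("%-40s -> %v\n", t, CheckProxyTarget(t))
	}
}
```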
