Description

A flaw was found in the Submariner project. Due to unnecessary role-based access control permissions, a privileged attacker can run a malicious container on a node that may allow them to steal service account tokens and further compromise other nodes and potentially the entire cluster.

INFO

Published Date :

2024-05-17T13:12:00.551Z

Last Modified :

2026-04-24T14:17:18.993Z

Source :

redhat
AFFECTED PRODUCTS

The following products are affected by CVE-2024-5042 vulnerability.

Vendors Products
Redhat
  • Acm
  • Openshift Data Foundation
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-5042.

URL Resource
https://access.redhat.com/errata/RHSA-2024:4591 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2026:6503 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2024-5042 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2280921 cve-icon cve-icon
https://github.com/advisories/GHSA-2rhx-qhxp-5jpw cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-5042 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-5042 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact