支持本站 — 捐款将帮助我们持续运营

目标: 1000 元,已筹: 1000

100.0%
立即捐款
一、 漏洞 CVE-2024-5042 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
Submariner-operator: rbac permissions can allow for the spread of node compromises
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
A flaw was found in the Submariner project. Due to unnecessary role-based access control permissions, a privileged attacker can run a malicious container on a node that may allow them to steal service account tokens and further compromise other nodes and potentially the entire cluster.
来源: 美国国家漏洞数据库 NVD
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
带着不必要的权限执行
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Submariner Operator 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Submariner Operator是Submariner开源的一个在 Kubernetes 集群上安装 Submariner 组件的软件。 Submariner Operator存在安全漏洞,该漏洞源于不必要的基于角色的访问控制权限,特权攻击者可以窃取服务帐户令牌并进一步危及其他节点甚至整个集群。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
厂商产品影响版本CPE订阅
-- 0 ~ 0.14.9 -
Red HatRHODF-4.16-RHEL-9 v4.16.0-19 ~ * cpe:/a:redhat:openshift_data_foundation:4.16::el9
Red HatRed Hat Openshift Data Foundation 4.2 sha256:147e1ff243a190e7db6af5a450ab9ee45a6c138beb1428605296c5a39d8c2cd9 ~ * cpe:/a:redhat:openshift_data_foundation:4.20::el9
Red HatRed Hat Openshift Data Foundation 4.2 sha256:457e7c141b8e04ebe23f8b89da6d2a1a86ea5be46e9893b9207bd16a1e7e92b2 ~ * cpe:/a:redhat:openshift_data_foundation:4.20::el9
Red HatRed Hat Openshift Data Foundation 4.2 sha256:0e1a41e4284bb482365de3b2d2e799fe4b53af86743b56ccae50a236eac23897 ~ * cpe:/a:redhat:openshift_data_foundation:4.20::el9
Red HatRed Hat Openshift Data Foundation 4.2 sha256:23e29e78ab6586896be041a0d759d0a47bf5a3708ba816574bc996baee4af946 ~ * cpe:/a:redhat:openshift_data_foundation:4.20::el9
Red HatRed Hat Openshift Data Foundation 4.2 sha256:40b76923ce5df4062bfd3a6c617874e230b4b47cf998081b0c552141d93a81b0 ~ * cpe:/a:redhat:openshift_data_foundation:4.20::el9
Red HatRed Hat Openshift Data Foundation 4.2 sha256:0ea607acea5d6ad4aa853cb564e7c5e462c3d5f38814e2097142d44231437bd8 ~ * cpe:/a:redhat:openshift_data_foundation:4.20::el9
Red HatRed Hat Openshift Data Foundation 4.2 sha256:74efeee9bddf97c549de6a6fa454d86f96d3afef8aaf2438b740403181579fcd ~ * cpe:/a:redhat:openshift_data_foundation:4.20::el9
Red HatRed Hat Openshift Data Foundation 4.2 sha256:2f22bca94e282ce150235d74070465525b5fbd29070f1caec323f5f8d7be0db5 ~ * cpe:/a:redhat:openshift_data_foundation:4.20::el9
Red HatRed Hat Openshift Data Foundation 4.2 sha256:1f58e36602f8e8704179762e4b94898ded50bb9d4643b829ac516165d5a66fe1 ~ * cpe:/a:redhat:openshift_data_foundation:4.20::el9
Red HatRed Hat Openshift Data Foundation 4.2 sha256:180f30e2f7ae5a1604c9ef3e8fdcdb2af37c53019280777c61375aef9cc6dee3 ~ * cpe:/a:redhat:openshift_data_foundation:4.20::el9
Red HatRed Hat Openshift Data Foundation 4.2 sha256:bc06753f9f013d4eed2705d5fbd727f916eab9f72c0c4d2cc33f6f064c58ecb1 ~ * cpe:/a:redhat:openshift_data_foundation:4.20::el9
Red HatRed Hat Openshift Data Foundation 4.2 sha256:31bd7bff52021201beffb8f94e25635443390ed7c373fef546dd799c29a540dd ~ * cpe:/a:redhat:openshift_data_foundation:4.20::el9
Red HatRed Hat Openshift Data Foundation 4.2 sha256:0cb993a3f939cd30689f10f03110a6dec8317c9c5c69ed726e78bb9c70b7f3ee ~ * cpe:/a:redhat:openshift_data_foundation:4.20::el9
Red HatRed Hat Openshift Data Foundation 4.2 sha256:55351821e9c296bf419a0b6b4f8a08942303bde1f6b8c1c8d3e81d719bafd0d4 ~ * cpe:/a:redhat:openshift_data_foundation:4.20::el9
Red HatRed Hat Openshift Data Foundation 4.2 sha256:3d8d9e2964d1c472f29ff5a67ff2b23188dbb9add8ccaa1cfa37ad1742825bf9 ~ * cpe:/a:redhat:openshift_data_foundation:4.20::el9
Red HatRed Hat Openshift Data Foundation 4.2 sha256:0b5f12a165ad061ec151f9310fa5803717cb41f719802503125d982f5420edd0 ~ * cpe:/a:redhat:openshift_data_foundation:4.20::el9
Red HatRed Hat Openshift Data Foundation 4.2 sha256:08cd8df1f99ca92bd8c82a3ce345352f8a5223feac9f475293987dc6088bd607 ~ * cpe:/a:redhat:openshift_data_foundation:4.20::el9
Red HatRed Hat Openshift Data Foundation 4.2 sha256:13594f6f57bdd87477505288fee4a62c504daacdb6fc930e0c64c582edab4dbb ~ * cpe:/a:redhat:openshift_data_foundation:4.20::el9
Red HatRed Hat Openshift Data Foundation 4.2 sha256:2541e3c82807ec72336aa0151f05e8576eabe710eaa660efe6fe2a98ab0eff61 ~ * cpe:/a:redhat:openshift_data_foundation:4.20::el9
Red HatRed Hat Openshift Data Foundation 4.2 sha256:1872fce9d3599368600ce07f81c6a2105bfdf10cb770fdeea57dd1e16f662789 ~ * cpe:/a:redhat:openshift_data_foundation:4.20::el9
Red HatRed Hat Openshift Data Foundation 4.2 sha256:33e368d66244b241e6eb7e39eb886fa92bf358ddb5a3f231ef3585a7e91d3726 ~ * cpe:/a:redhat:openshift_data_foundation:4.20::el9
Red HatRed Hat Openshift Data Foundation 4.2 sha256:253711dee2d7fdbf65756583ba63a73ed796b1205369e5ed9f48c253a67f4c0a ~ * cpe:/a:redhat:openshift_data_foundation:4.20::el9
Red HatRed Hat Advanced Cluster Management for Kubernetes 2-cpe:/a:redhat:acm:2
Red HatRed Hat Advanced Cluster Management for Kubernetes 2-cpe:/a:redhat:acm:2
Red HatRed Hat Advanced Cluster Management for Kubernetes 2-cpe:/a:redhat:acm:2
Red HatRed Hat Advanced Cluster Management for Kubernetes 2-cpe:/a:redhat:acm:2
Red HatRed Hat Advanced Cluster Management for Kubernetes 2-cpe:/a:redhat:acm:2
Red HatRed Hat Advanced Cluster Management for Kubernetes 2-cpe:/a:redhat:acm:2
二、漏洞 CVE-2024-5042 的公开POC
#POC 描述源链接神龙链接
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC
三、漏洞 CVE-2024-5042 的情报信息
Please 登录 to view more intelligence information
IV. Related Vulnerabilities
Same weakness: CWE-250
V. Comments for CVE-2024-5042

暂无评论

发表评论