Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 2 |
CVE-ID | CVE-2024-5321, CVE-2024-2398 |
CWE-ID | CWE-276, CWE-772 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software | OpenShift Container Platform for Windows Containers (Server applications / Virtualization software) |
Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU96953
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-5321
CWE-ID:
CWE-276 - Incorrect Default Permissions
Exploit availability: No
Description
The vulnerability allows a local user to gain access to sensitive information or alter container logs.
The vulnerability exists due to incorrect default permissions in Kubernetes clusters with Windows nodes. A local user with access to the system can view and modify the contents of the container logs.
Install updates from the vendor's website.
OpenShift Container Platform for Windows Containers: before 7.2.2
External links
https://access.redhat.com/errata/RHSA-2024:6734
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU87850
Risk: Medium
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-2398
CWE-ID:
CWE-772 - Missing Release of Resource after Effective Lifetime
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error when sending HTTP/2 server push responses with an overly large number of headers. A remote attacker can send PUSH_PROMISE frames with an excessive number of headers to the application, trigger a memory leak and perform a denial of service (DoS) attack.
Install updates from the vendor's website.
OpenShift Container Platform for Windows Containers: before 7.2.2
External links
https://access.redhat.com/errata/RHSA-2024:6734
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.