A flaw was found in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane (HCP). This issue could allow an authenticated attacker to gain access to the root HCP worker node's volume by creating a custom Persistent Volume that matches the name of a worker node.
References
Configurations
No configuration.
History
08 May 2024, 02:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
26 Apr 2024, 20:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
03 Apr 2024, 00:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
08 Mar 2024, 14:02
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
07 Mar 2024, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-03-07 20:15
Updated : 2024-05-08 02:15
NVD link : CVE-2024-1725
Mitre link : CVE-2024-1725
CVE.ORG link : CVE-2024-1725
JSON object : View
Products Affected
No product.
CWE
CWE-501
Trust Boundary Violation