CVE-2025-12103
Openshift-ai: trusty ai grants all authenticated users to list pods in any namespace
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Ciclo de vida
28 oct 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A flaw was found in Red Hat Openshift AI Service. The TrustyAI component is granting all service accounts and users on a cluster permissions to get, list, watch any pod in any namespace on the cluster.
TrustyAI is creating a role `trustyai-service-operator-lmeval-user-role` and a CRB `trustyai-service-operator-default-lmeval-user-rolebinding` which is being applied to `system:authenticated` making it so that every single user or service account can get a list of pods running in any namespace on the cluster
Additionally users can access all `persistentvolumeclaims` and `lmevaljobs`
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Productos afectados
Red Hat · Red Hat OpenShift AI 2.25Red Hat · Red Hat OpenShift AI 3Red Hat · Red Hat OpenShift AI (RHOAI)¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →