CVE-2024-7387
Openshift/builder: path traversal allows command injection in privileged buildcontainer using docker build strategy
A flaw was found in openshift/builder. This vulnerability allows command injection via path traversal, where a malicious user can execute arbitrary commands on the OpenShift node running the builder container. When using the “Docker” strategy, executable files inside the privileged build container can be overridden using the `spec.source.secrets.secret.destinationDir` attribute of the `BuildConfig` definition. An attacker running code in a privileged container could escalate their permissions on the node running the container.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Produtos afetados
openshift/builderRed Hat · Red Hat OpenShift Container Platform 4.12Red Hat · Red Hat OpenShift Container Platform 4.13Red Hat · Red Hat OpenShift Container Platform 4.14Red Hat · Red Hat OpenShift Container Platform 4.15Red Hat · Red Hat OpenShift Container Platform 4.16Red Hat · Red Hat OpenShift Container Platform 4.17PoCs públicas encontradas — 1
githubgithub.com/pairofglasses/cve-2024-7387★ 0⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://access.redhat.com/errata/RHSA-2024:3718https://access.redhat.com/errata/RHSA-2024:6685https://access.redhat.com/errata/RHSA-2024:6687https://access.redhat.com/errata/RHSA-2024:6689https://access.redhat.com/errata/RHSA-2024:6691https://access.redhat.com/errata/RHSA-2024:6705https://access.redhat.com/security/cve/CVE-2024-7387https://bugzilla.redhat.com/show_bug.cgi?id=2302259https://github.com/openshift/builder/commit/0b62633adfa2836465202bc851885e078ec888d1https://stuxxn.github.io/advisory/2024/10/02/openshift-build-docker-priv-esc.html