CVE-2024-1725

6.5MEDIUM

A flaw was found in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane (HCP). This issue could allow an authenticated attacker to gain access to the root HCP worker node's v

Published: 3/7/2024Updated: 3/26/2025
View on NVDView on MITRE

Description

A flaw was found in the kubevirt-csi component of OpenShift Virtualization's Hosted Control Plane (HCP). This issue could allow an authenticated attacker to gain access to the root HCP worker node's volume by creating a custom Persistent Volume that matches the name of a worker node.

AI AnalysisPowered by AI

Affected Products

redhatopenshift_container_platform
4.13
redhatopenshift_container_platform
4.14
redhatopenshift_container_platform
4.15
redhatopenshift_container_platform_for_arm64
4.13
redhatopenshift_container_platform_for_arm64
4.14
redhatopenshift_container_platform_for_arm64
4.15
redhatopenshift_container_platform_for_ibm_z
4.13
redhatopenshift_container_platform_for_ibm_z
4.14
redhatopenshift_container_platform_for_ibm_z
4.15
redhatopenshift_container_platform_for_linuxone
4.13
redhatopenshift_container_platform_for_linuxone
4.14
redhatopenshift_container_platform_for_linuxone
4.15
redhatopenshift_container_platform_for_power
4.13
redhatopenshift_container_platform_for_power
4.14
redhatopenshift_container_platform_for_power
4.15

References