CVE-2024-5651

A flaw was found in the Fence Agents Remediation operator. This vulnerability can allow a Remote Code Execution (RCE) primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a specially crafted FenceAgentsRemediation for a fence agent supporting  --ssh-path/--telnet-path arguments to execute arbitrary commands on the operator's pod. This RCE leads to a privilege escalation, first as the service account running the operator, then to another service account with cluster-admin privileges.
Configurations

No configuration.

History

30 Aug 2024, 14:15

Type Values Removed Values Added
Summary (en) A flaw was found in fence agents that rely on SSH/Telnet. This vulnerability can allow a Remote Code Execution (RCE) primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a specially crafted FenceAgentsRemediation for a fence agent supporting  --ssh-path/--telnet-path arguments to execute arbitrary commands on the operator's pod. This RCE leads to a privilege escalation, first as the service account running the operator, then to another service account with cluster-admin privileges. (en) A flaw was found in the Fence Agents Remediation operator. This vulnerability can allow a Remote Code Execution (RCE) primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a specially crafted FenceAgentsRemediation for a fence agent supporting  --ssh-path/--telnet-path arguments to execute arbitrary commands on the operator's pod. This RCE leads to a privilege escalation, first as the service account running the operator, then to another service account with cluster-admin privileges.

19 Aug 2024, 17:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:5453 -
Summary
  • (es) Se encontró una falla en los agentes de valla que dependen de SSH/Telnet. Esta vulnerabilidad puede permitir una primitiva de ejecución remota de código (RCE) al proporcionar un comando arbitrario para ejecutar en los argumentos --ssh-path/--telnet-path. Un usuario con pocos privilegios, por ejemplo, un usuario con acceso de desarrollador, puede crear un FenceAgentsRemediation especialmente manipulado para que un agente de valla admita argumentos --ssh-path/--telnet-path para ejecutar comandos arbitrarios en el módulo del operador. Este RCE conduce a una escalada de privilegios, primero como la cuenta de servicio que ejecuta el operador y luego a otra cuenta de servicio con privilegios de administrador del clúster.

12 Aug 2024, 13:41

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-12 13:38

Updated : 2024-08-30 14:15


NVD link : CVE-2024-5651

Mitre link : CVE-2024-5651

CVE.ORG link : CVE-2024-5651


JSON object : View

Products Affected

No product.

CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')