CVE-2024-12582

Summary

A flaw was found in the skupper console, a read-only interface that renders cluster network, traffic details, and metrics for a network application that a user sets up across a hybrid multi-cloud environment. When the default authentication method is used, a random password is generated for the "admin" user and is persisted in either a Kubernetes secret or a podman volume in a plaintext file. This authentication method can be manipulated by an attacker, leading to the reading of any user-readable file in the container filesystem, directly impacting data confidentiality. Additionally, the attacker may induce skupper to read extremely large files into memory, resulting in resource exhaustion and a denial of service attack.

Affected Software

VendorProductVersion RangeStatus
0 < 1.8.3affected
Red HatService Interconnect 1 for RHEL 91.8.3-1 < *unaffected
Red HatService Interconnect 1 for RHEL 91.8.3-1 < *unaffected
Red HatService Interconnect 1 for RHEL 91.8.3-1 < *unaffected
Red HatService Interconnect 1 for RHEL 91.8.3-1 < *unaffected
Red HatService Interconnect 1 for RHEL 91.8.3-1 < *unaffected
Red HatService Interconnect 1 for RHEL 92.7.3-1 < *unaffected
Red HatService Interconnect 1 for RHEL 91.8.3-1 < *unaffected
Red HatService Interconnect 1 for RHEL 91.8.3-1 < *unaffected

Weaknesses

  • CWE-305: Authentication Bypass by Primary Weakness

Workarounds

For users running skupper on Red Hat OpenShift, the OpenShift authentication should be used. Otherwise, use "unsecured" where authentication is not a primary concern.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References