CVE-2024-50311

Summary

A denial of service (DoS) vulnerability was found in OpenShift. This flaw allows attackers to exploit the GraphQL batching functionality. The vulnerability arises when multiple queries can be sent within a single request, enabling an attacker to submit a request containing thousands of aliases in one query. This issue causes excessive resource consumption, leading to application unavailability for legitimate users.

Affected Software

VendorProductVersion RangeStatus
Red HatRed Hat OpenShift Container Platform 4.18v4.18.0-202502110632.p0.g24ccf7a.assembly.stream.el9 < *unaffected

Weaknesses

  • CWE-770: Allocation of Resources Without Limits or Throttling

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References