CVE-2024-5651

Summary

A flaw was found in the Fence Agents Remediation operator. This vulnerability can allow a Remote Code Execution (RCE) primitive by supplying an arbitrary command to execute in the –ssh-path/–telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a specially crafted FenceAgentsRemediation for a fence agent supporting  –ssh-path/–telnet-path arguments to execute arbitrary commands on the operator's pod. This RCE leads to a privilege escalation, first as the service account running the operator, then to another service account with cluster-admin privileges.

Affected Software

VendorProductVersion RangeStatus
0.4.0 < 0.4.1-22affected
Red HatFence Agents Remediation 0.4 for RHEL 8v0.4.1-22 < *unaffected
Red HatFence Agents Remediation 0.4 for RHEL 8v0.4.1-22 < *unaffected

Weaknesses

  • CWE-94: Improper Control of Generation of Code ('Code Injection')

Workarounds

Do not allow unprivileged users create FenceAgentsRemediation and FenceAgentsRemediationTemplate resources.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References