Risk Scores
CVSS v3.1
4.400000095367432
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.09%
24.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | OpenShift Serverless | |
| Red Hat | Cryostat 3 | |
| Red Hat | OpenShift Serverless | |
| github.com | cert-manager/cert-manager | 0, 1.16.0-alpha.0, 1.13.0-alpha.0 |
| Red Hat | Red Hat OpenShift GitOps | |
| Red Hat | Red Hat OpenShift Container Platform 4 | |
| Red Hat | OpenShift Serverless | |
| Red Hat | Red Hat Openshift Data Foundation 4 | |
| Red Hat | Multicluster Engine for Kubernetes | |
| Red Hat | cert-manager Operator for Red Hat OpenShift | |
| Red Hat | cert-manager Operator for Red Hat OpenShift | |
| 0, 1.13.0-alpha.0, 1.16.0-alpha.0 | ||
| Red Hat | cert-manager Operator for Red Hat OpenShift | |
| Red Hat | Red Hat Connectivity Link 1 | |
| Red Hat | Multicluster Engine for Kubernetes | |
| Red Hat | cert-manager Operator for Red Hat OpenShift | |
| Red Hat | Red Hat Connectivity Link 1 | |
| Red Hat | OpenShift Serverless | |
| Red Hat | OpenShift Serverless | |
| Red Hat | OpenShift Serverless |
…and 2 more
Timeline
- Nov 20, 2024 CVE Published
- Dec 12, 2024 PoC Published
- Dec 13, 2024 EPSS Score
- Dec 29, 2024 EPSS Score
- Jan 14, 2025 EPSS Score
- Jan 30, 2025 EPSS Score
- Feb 15, 2025 EPSS Score
- Mar 4, 2025 EPSS Score
- Mar 20, 2025 EPSS Score
- Apr 5, 2025 EPSS Score
- Apr 21, 2025 EPSS Score
- Apr 27, 2025 Coalition ESS Score
References
- https://access.redhat.com/security/cve/CVE-2024-12401 vdb
- RHBZ#2327929 issue
- https://github.com/cert-manager/cert-manager/pull/7400 url
- https://github.com/cert-manager/cert-manager/pull/7401 url
- https://github.com/cert-manager/cert-manager/pull/7402 url
- https://github.com/cert-manager/cert-manager/pull/7403 url
- https://github.com/cert-manager/cert-manager/security/advisories/GHSA-r4pg-vg54-wxx4 url
- https://go.dev/issue/50116 url
- https://nvd.nist.gov/vuln/detail/CVE-2024-12401 advisory
- https://github.com/cert-manager/cert-manager package