CVE-2024-6538 — Vulnetix

CVE-2024-6538 PUBLISHED CVSS 5.300000190734863 MEDIUM

A flaw was found in OpenShift Console. A Server Side Request Forgery (SSRF) attack can happen if an attacker supplies all or part of a URL to the server to query. The server is considered to be in a privileged network position and can often reach exposed services that aren't readily available to clients due to network filtering. Leveraging such an attack vector, the attacker can have an impact on other services and potentially disclose information or have other nefarious effects on the system. The /api/dev-console/proxy/internet endpoint on the OpenShift Console allows authenticated users to have the console's pod perform arbitrary and fully controlled HTTP(s) requests. The full response to these requests is returned by the endpoint. While the name of this endpoint suggests the requests are only bound to the internet, no such checks are in place. An authenticated user can therefore ask the console to perform arbitrary HTTP requests from outside the cluster to a service inside the cluster.

EPSS 0.17% · 38.5th percentile

Risk Scores

CVSS v3.1

5.300000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS Score

0.17%

38.5th percentile

Affected Products

Vendor	Product	Versions
		6.0.0, 6.0.0
Red Hat	Red Hat OpenShift Container Platform 4.14	sha256:5593067bbf79e50ab9ed89c684c8ee03b4b2a0b6443068459967df623c0643de, *
Red Hat	Red Hat OpenShift Container Platform 4.16	v4.16.0-202506020836.p0.g94ae640.assembly.stream.el9, v4.16.0-202506020836.p0.g94ae640.assembly.stream.el9
Red Hat	Red Hat OpenShift Container Platform 4.15	sha256:8d6e2390929560bdddddf8caab133f14fa50dbd53a5e551f134680837778e180, *
Red Hat	Red Hat OpenShift Container Platform 4.17	v4.17.0-202505280435.p0.gf9c412e.assembly.stream.el9, 4.17.0-202505280435.p0.gf9c412e.assembly.stream.el9
Red Hat	Red Hat OpenShift Container Platform 4.18	v4.18.0-202505150334.p0.g75bc164.assembly.stream.el9, v4.18.0-202505150334.p0.g75bc164.assembly.stream.el9
github.com	openshift/console	0, 0

Timeline

Nov 25, 2024 CVE Published
Nov 26, 2024 EPSS Score
Dec 14, 2024 EPSS Score
Dec 31, 2024 EPSS Score
Jan 18, 2025 EPSS Score
Feb 4, 2025 EPSS Score
Feb 6, 2025 Coalition ESS Score
Feb 21, 2025 EPSS Score
Mar 10, 2025 EPSS Score
Mar 12, 2025 Coalition ESS Score
Mar 12, 2025 PoC Published
Mar 20, 2025 Coalition ESS Score

References

RHSA-2025:14397 vendor-advisory
RHSA-2025:19058 vendor-advisory
RHSA-2025:7863 vendor-advisory
RHSA-2025:8280 vendor-advisory
RHSA-2025:8556 vendor-advisory
https://access.redhat.com/security/cve/CVE-2024-6538 vdb
RHBZ#2296057 issue
https://nvd.nist.gov/vuln/detail/CVE-2024-6538 advisory
https://github.com/openshift/console package

Open in Interactive Console →