CVE-2025-12103 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-12103 PUBLISHED CVSS 5 MEDIUM

A flaw was found in Red Hat Openshift AI Service. The TrustyAI component is granting all service accounts and users on a cluster permissions to get, list, watch any pod in any namespace on the cluster. TrustyAI is creating a role `trustyai-service-operator-lmeval-user-role` and a CRB `trustyai-service-operator-default-lmeval-user-rolebinding` which is being applied to `system:authenticated` making it so that every single user or service account can get a list of pods running in any namespace on the cluster Additionally users can access all `persistentvolumeclaims` and `lmevaljobs`

EPSS 0.04% · 11.0th percentile

Risk Scores

CVSS v3.1

5

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

EPSS Score

0.04%

11.0th percentile

Affected Products

Vendor	Product	Versions
Red Hat	Red Hat OpenShift AI (RHOAI)
Red Hat	Red Hat OpenShift AI 3.0	sha256:43322a7cecd6fe3309faa160bf92d88518c23b98c6467e5e868a9dbdd3f16b36

Timeline

Oct 23, 2025 CVE ID Reserved
Oct 28, 2025 Coalition ESS Score
Oct 28, 2025 CVE Published
Oct 28, 2025 PoC Published
Oct 29, 2025 EPSS Score
Oct 30, 2025 Coalition ESS Score
Nov 3, 2025 EPSS Score
Nov 4, 2025 Coalition ESS Score
Nov 8, 2025 EPSS Score
Nov 12, 2025 Coalition ESS Score
Nov 13, 2025 EPSS Score
Nov 18, 2025 EPSS Score

References

RHSA-2025:21117 vendor-advisory
https://access.redhat.com/security/cve/CVE-2025-12103 vdb
RHBZ#2405966 issue
https://nvd.nist.gov/vuln/detail/CVE-2025-12103 advisory

Open in Interactive Console →