CVE-2024-0874: Use of Cache Containing Sensitive Information
A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching.
AI Analysis
Technical Summary
CVE-2024-0874 is a caching vulnerability in CoreDNS where responses containing the CD (checking disabled) bit are cached improperly and served later, potentially causing invalid cache entries to be returned. This flaw affects Red Hat OpenShift Container Platform versions 4.15 and 4.16. Red Hat has released updated container images and packages that fix this issue. The vulnerability has a CVSS 3.1 base score of 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N), indicating network attack vector, low attack complexity, no privileges required, no user interaction, unchanged scope, no confidentiality or availability impact, but with integrity impact.
Potential Impact
The vulnerability may cause CoreDNS to serve invalid cached responses due to incorrect caching of responses with the CD bit set. This can lead to integrity issues in DNS responses but does not impact confidentiality or availability. There are no known exploits in the wild at this time. The issue affects Red Hat OpenShift Container Platform 4.15 and 4.16 deployments using the affected CoreDNS versions.
Mitigation Recommendations
Red Hat has released fixed container images and packages for OpenShift Container Platform versions 4.15.24 and 4.16.0 that address CVE-2024-0874. Users should upgrade their OpenShift clusters to these versions or later using the OpenShift CLI (oc) or web console as per Red Hat's official upgrade instructions. The vendor manages remediation for these products through these updates. Patch status is confirmed as fixed in these releases. No additional mitigation steps are required beyond applying the official updates.
CVE-2024-0874: Use of Cache Containing Sensitive Information
Description
A flaw was found in coredns. This issue could lead to invalid cache entries returning due to incorrectly implemented caching.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2024-0874 is a caching vulnerability in CoreDNS where responses containing the CD (checking disabled) bit are cached improperly and served later, potentially causing invalid cache entries to be returned. This flaw affects Red Hat OpenShift Container Platform versions 4.15 and 4.16. Red Hat has released updated container images and packages that fix this issue. The vulnerability has a CVSS 3.1 base score of 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N), indicating network attack vector, low attack complexity, no privileges required, no user interaction, unchanged scope, no confidentiality or availability impact, but with integrity impact.
Potential Impact
The vulnerability may cause CoreDNS to serve invalid cached responses due to incorrect caching of responses with the CD bit set. This can lead to integrity issues in DNS responses but does not impact confidentiality or availability. There are no known exploits in the wild at this time. The issue affects Red Hat OpenShift Container Platform 4.15 and 4.16 deployments using the affected CoreDNS versions.
Mitigation Recommendations
Red Hat has released fixed container images and packages for OpenShift Container Platform versions 4.15.24 and 4.16.0 that address CVE-2024-0874. Users should upgrade their OpenShift clusters to these versions or later using the OpenShift CLI (oc) or web console as per Red Hat's official upgrade instructions. The vendor manages remediation for these products through these updates. Patch status is confirmed as fixed in these releases. No additional mitigation steps are required beyond applying the official updates.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2024-01-24T23:42:08.424Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 691362a4f922b639ab5baf73
Added to database: 11/11/2025, 4:21:56 PM
Last enriched: 4/19/2026, 5:39:39 AM
Last updated: 5/10/2026, 11:33:34 AM
Views: 185
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.