CVE-2024-1139: Exposure of Sensitive Information to an Unauthorized Actor
A credentials leak vulnerability was found in the cluster monitoring operator in OCP. This issue may allow a remote attacker who has basic login credentials to check the pod manifest to discover a repository pull secret.
AI Analysis
Technical Summary
CVE-2024-1139 is a credentials leak vulnerability found in the cluster monitoring operator component of Red Hat OpenShift Container Platform (OCP). The flaw allows an attacker with basic login credentials to remotely access pod manifests and obtain repository pull secrets, which are sensitive credentials used for container image access. The vulnerability affects OCP versions 4.14 and 4.15. Red Hat has issued security advisories (RHSA-2024:1887 for 4.15 and RHSA-2024:1891 for 4.14) that include updated container images and packages fixing this issue. The CVSS v3.1 base score is 7.7, reflecting high severity with network attack vector, low attack complexity, and no user interaction required. The vulnerability impacts confidentiality but not integrity or availability.
Potential Impact
An attacker with basic login credentials can exploit this vulnerability to access sensitive repository pull secrets by inspecting pod manifests in the cluster monitoring operator. This exposure could lead to unauthorized access to container image repositories, potentially facilitating further unauthorized actions or lateral movement within the environment. The vulnerability does not affect system integrity or availability directly but compromises confidentiality of sensitive credentials.
Mitigation Recommendations
Red Hat has released official security updates addressing CVE-2024-1139 in OpenShift Container Platform versions 4.15.10 and 4.14.22. Users should upgrade their clusters to these versions or later to fully mitigate the vulnerability. The vendor manages remediation through updated container images and packages available via the OpenShift CLI or web console. Detailed upgrade instructions are provided in the Red Hat OpenShift documentation. No additional mitigations are indicated or required beyond applying these official fixes.
CVE-2024-1139: Exposure of Sensitive Information to an Unauthorized Actor
Description
A credentials leak vulnerability was found in the cluster monitoring operator in OCP. This issue may allow a remote attacker who has basic login credentials to check the pod manifest to discover a repository pull secret.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2024-1139 is a credentials leak vulnerability found in the cluster monitoring operator component of Red Hat OpenShift Container Platform (OCP). The flaw allows an attacker with basic login credentials to remotely access pod manifests and obtain repository pull secrets, which are sensitive credentials used for container image access. The vulnerability affects OCP versions 4.14 and 4.15. Red Hat has issued security advisories (RHSA-2024:1887 for 4.15 and RHSA-2024:1891 for 4.14) that include updated container images and packages fixing this issue. The CVSS v3.1 base score is 7.7, reflecting high severity with network attack vector, low attack complexity, and no user interaction required. The vulnerability impacts confidentiality but not integrity or availability.
Potential Impact
An attacker with basic login credentials can exploit this vulnerability to access sensitive repository pull secrets by inspecting pod manifests in the cluster monitoring operator. This exposure could lead to unauthorized access to container image repositories, potentially facilitating further unauthorized actions or lateral movement within the environment. The vulnerability does not affect system integrity or availability directly but compromises confidentiality of sensitive credentials.
Mitigation Recommendations
Red Hat has released official security updates addressing CVE-2024-1139 in OpenShift Container Platform versions 4.15.10 and 4.14.22. Users should upgrade their clusters to these versions or later to fully mitigate the vulnerability. The vendor manages remediation through updated container images and packages available via the OpenShift CLI or web console. Detailed upgrade instructions are provided in the Red Hat OpenShift documentation. No additional mitigations are indicated or required beyond applying these official fixes.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- redhat
- Date Reserved
- 2024-01-31T20:48:06.154Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 690021eeba6dffc5e2226804
Added to database: 10/28/2025, 1:52:46 AM
Last enriched: 4/19/2026, 5:39:45 AM
Last updated: 5/9/2026, 9:58:50 AM
Views: 266
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.