CVE-2024-5042: Execution with Unnecessary Privileges
A flaw was found in the Submariner project. Due to unnecessary role-based access control permissions, a privileged attacker can run a malicious container on a node that may allow them to steal service account tokens and further compromise other nodes and potentially the entire cluster.
AI Analysis
Technical Summary
The vulnerability CVE-2024-5042 in the Submariner project arises from unnecessary RBAC permissions that permit a privileged attacker to execute a malicious container on a node. This can lead to theft of service account tokens and potential compromise of additional nodes and the entire cluster. The issue affects Submariner versions 0 through 0.18.0-m0. Red Hat's advisories for OpenShift Data Foundation 4.16.0 and 4.20.9 include security updates that address this vulnerability. The CVSS v3.1 base score is 6.6, with vector AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N, reflecting network attack vector, high attack complexity, high privileges required, no user interaction, scope changed, low confidentiality impact, high integrity impact, and no availability impact.
Potential Impact
An attacker with privileged access can exploit this vulnerability to run malicious containers on nodes, enabling theft of service account tokens. This can facilitate lateral movement within the cluster, potentially compromising other nodes and the entire cluster. The confidentiality and integrity of the cluster are impacted, while availability is not affected. There are no known exploits in the wild currently.
Mitigation Recommendations
Red Hat has released official security updates for OpenShift Data Foundation versions 4.16.0 and 4.20.9 that address CVE-2024-5042. Users should apply these updates as per the vendor's instructions. The advisories recommend ensuring all previously released errata are applied before updating. Since this is not a cloud service, remediation requires applying the vendor-provided patches. Patch status is confirmed by the vendor advisories linked in the references.
CVE-2024-5042: Execution with Unnecessary Privileges
Description
A flaw was found in the Submariner project. Due to unnecessary role-based access control permissions, a privileged attacker can run a malicious container on a node that may allow them to steal service account tokens and further compromise other nodes and potentially the entire cluster.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The vulnerability CVE-2024-5042 in the Submariner project arises from unnecessary RBAC permissions that permit a privileged attacker to execute a malicious container on a node. This can lead to theft of service account tokens and potential compromise of additional nodes and the entire cluster. The issue affects Submariner versions 0 through 0.18.0-m0. Red Hat's advisories for OpenShift Data Foundation 4.16.0 and 4.20.9 include security updates that address this vulnerability. The CVSS v3.1 base score is 6.6, with vector AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N, reflecting network attack vector, high attack complexity, high privileges required, no user interaction, scope changed, low confidentiality impact, high integrity impact, and no availability impact.
Potential Impact
An attacker with privileged access can exploit this vulnerability to run malicious containers on nodes, enabling theft of service account tokens. This can facilitate lateral movement within the cluster, potentially compromising other nodes and the entire cluster. The confidentiality and integrity of the cluster are impacted, while availability is not affected. There are no known exploits in the wild currently.
Mitigation Recommendations
Red Hat has released official security updates for OpenShift Data Foundation versions 4.16.0 and 4.20.9 that address CVE-2024-5042. Users should apply these updates as per the vendor's instructions. The advisories recommend ensuring all previously released errata are applied before updating. Since this is not a cloud service, remediation requires applying the vendor-provided patches. Patch status is confirmed by the vendor advisories linked in the references.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- redhat
- Date Reserved
- 2024-05-17T03:54:30.320Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Vendor Advisory Urls
- [{"url":"https://access.redhat.com/errata/RHSA-2024:4591","vendor":"Red Hat"},{"url":"https://access.redhat.com/errata/RHSA-2026:6503","vendor":"Red Hat"},{"url":"https://access.redhat.com/security/cve/CVE-2024-5042","vendor":"Red Hat"}]
Threat ID: 69135f1ff922b639ab566fde
Added to database: 11/11/2025, 4:06:55 PM
Last enriched: 4/24/2026, 11:07:58 PM
Last updated: 5/9/2026, 8:35:40 AM
Views: 142
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.