CNNVD-202510-3832 Information

CNNVD ID

CNNVD-202510-3832

Related CVE

CVE-2025-12103

• CNNVD Published: 2025-10-28

Description (Chinese)

Red Hat OpenShift AI是美国红帽（Red Hat）公司的一款面向AI的生命周期管理平台。 Red Hat OpenShift AI存在安全漏洞，该漏洞源于TrustyAI组件为集群上的所有服务账户和用户授予了获取、列出和监视集群上任何命名空间中任何pod的权限，可能导致信息泄露。

Description (English)

Red Hat OpenShift AI is an AI-oriented life-cycle management platform for Red Hat. Red Hat OpenShift AI has a security loophole, which stems from the fact that all service accounts and users of the TrustyAI component on the cluster have been granted permission to acquire, list and monitor any pod in any namespace on the cluster, which could lead to a leak of information.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

红帽

Published

2025-10-28

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/CVE-2025-12103 https://bugzilla.redhat.com/show_bug.cgi?id=2405966

Patch

https://www.redhat.com/en/technologies/cloud-computing/openshift