CVE-2024-5042 Information

Description

A flaw was found in the Submariner project. Due to unnecessary role-based access control permissions a privileged attacker can run a malicious container on a node that may allow them to steal service account tokens and further compromise other nodes and potentially the entire cluster.

Reference

https://access.redhat.com/security/cve/CVE-2024-5042 https://bugzilla.redhat.com/show_bug.cgi?id=2280921