CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-7387: Openshift/builder: path traversal allows command injection in privileged buildcontainer using docker build strategy

Description

A flaw was found in openshift/builder. This vulnerability allows command injection via path traversal, where a malicious user can execute arbitrary commands on the OpenShift node running the builder container. When using the “Docker” strategy, executable files inside the privileged build container can be overridden using the `spec.source.secrets.secret.destinationDir` attribute of the `BuildConfig` definition. An attacker running code in a privileged container could escalate their permissions on the node running the container.

Classification

CVE ID: CVE-2024-7387

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 15.26% (scored less or equal to compared to others)

EPSS Date: 2025-02-04 (when was this score calculated)

References

https://access.redhat.com/errata/RHSA-2024:6685
https://access.redhat.com/errata/RHSA-2024:6687
https://access.redhat.com/errata/RHSA-2024:6689
https://access.redhat.com/errata/RHSA-2024:6691
https://access.redhat.com/errata/RHSA-2024:6705
https://access.redhat.com/security/cve/CVE-2024-7387
https://bugzilla.redhat.com/show_bug.cgi?id=2302259
https://stuxxn.github.io/advisory/2024/10/02/openshift-build-docker-priv-esc.html

Timeline

2025-01-04 00:30:23 UTC
CVE

Openshift/builder: path traversal allows command injection in privileged buildcontainer using docker build strategy