Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Red Hat OpenShift AI 3 by Red Hat

    CVE-2025-12103 (GCVE-0-2025-12103)

    Vulnerability from nvd – Published: 2025-10-28 13:31 – Updated: 2026-04-23 15:57
    VLAI
    Title
    Openshift-ai: trusty ai grants all authenticated users to list pods in any namespace
    Summary
    A flaw was found in Red Hat Openshift AI Service. The TrustyAI component is granting all service accounts and users on a cluster permissions to get, list, watch any pod in any namespace on the cluster. TrustyAI is creating a role `trustyai-service-operator-lmeval-user-role` and a CRB `trustyai-service-operator-default-lmeval-user-rolebinding` which is being applied to `system:authenticated` making it so that every single user or service account can get a list of pods running in any namespace on the cluster Additionally users can access all `persistentvolumeclaims` and `lmevaljobs`
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-266 - Incorrect Privilege Assignment
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2025:21117 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:10184 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2025-12103 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2405966 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat OpenShift AI 2.25 Unaffected: sha256:6503aa2b0c29d01b947b6fde383850d03dcb2b9f9d70cf417b9e90d5e99d1740 , < * (rpm)
        cpe:/a:redhat:openshift_ai:2.25::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI 3 Unaffected: sha256:2015d93a8f499c4b3706fb1b1323db2e455154cb20219ceef82b79894239a51b , < * (rpm)
        cpe:/a:redhat:openshift_ai:3.0::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
    Create a notification for this product.
    Date Public
    2025-10-28 09:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-12103",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-28T13:43:51.831220Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-11-19T14:44:07.440Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_ai:2.25::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhoai/odh-ta-lmes-driver-rhel9",
              "product": "Red Hat OpenShift AI 2.25",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "sha256:6503aa2b0c29d01b947b6fde383850d03dcb2b9f9d70cf417b9e90d5e99d1740",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_ai:3.0::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhoai/odh-trustyai-service-operator-rhel9",
              "product": "Red Hat OpenShift AI 3",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "sha256:2015d93a8f499c4b3706fb1b1323db2e455154cb20219ceef82b79894239a51b",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:openshift_ai"
              ],
              "defaultStatus": "affected",
              "packageName": "rhoai/odh-trustyai-service-operator-rhel8",
              "product": "Red Hat OpenShift AI (RHOAI)",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2025-10-28T09:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Red Hat Openshift AI Service. The TrustyAI component is granting all service accounts and users on a cluster permissions to  get, list, watch any pod in any namespace on the cluster.\n\nTrustyAI is creating a role `trustyai-service-operator-lmeval-user-role` and a CRB `trustyai-service-operator-default-lmeval-user-rolebinding` which is being applied to `system:authenticated` making it so that every single user or service account can get a list of pods running in any namespace on the cluster \n\nAdditionally users can access all `persistentvolumeclaims` and `lmevaljobs`"
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "Incorrect Privilege Assignment",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-23T15:57:51.810Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2025:21117",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:21117"
            },
            {
              "name": "RHSA-2026:10184",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:10184"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2025-12103"
            },
            {
              "name": "RHBZ#2405966",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405966"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-10-23T02:53:02.820Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2025-10-28T09:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Openshift-ai: trusty ai grants all authenticated users to list pods in any namespace",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-266: Incorrect Privilege Assignment"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2025-12103",
        "datePublished": "2025-10-28T13:31:59.318Z",
        "dateReserved": "2025-10-23T02:55:38.369Z",
        "dateUpdated": "2026-04-23T15:57:51.810Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-12103 (GCVE-0-2025-12103)

    Vulnerability from cvelistv5 – Published: 2025-10-28 13:31 – Updated: 2026-04-23 15:57
    VLAI
    Title
    Openshift-ai: trusty ai grants all authenticated users to list pods in any namespace
    Summary
    A flaw was found in Red Hat Openshift AI Service. The TrustyAI component is granting all service accounts and users on a cluster permissions to get, list, watch any pod in any namespace on the cluster. TrustyAI is creating a role `trustyai-service-operator-lmeval-user-role` and a CRB `trustyai-service-operator-default-lmeval-user-rolebinding` which is being applied to `system:authenticated` making it so that every single user or service account can get a list of pods running in any namespace on the cluster Additionally users can access all `persistentvolumeclaims` and `lmevaljobs`
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-266 - Incorrect Privilege Assignment
    Assigner
    References
    URL Tags
    https://access.redhat.com/errata/RHSA-2025:21117 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/errata/RHSA-2026:10184 vendor-advisoryx_refsource_REDHAT
    https://access.redhat.com/security/cve/CVE-2025-12103 vdb-entryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=2405966 issue-trackingx_refsource_REDHAT
    Impacted products
    Vendor Product Version
    Red Hat Red Hat OpenShift AI 2.25 Unaffected: sha256:6503aa2b0c29d01b947b6fde383850d03dcb2b9f9d70cf417b9e90d5e99d1740 , < * (rpm)
        cpe:/a:redhat:openshift_ai:2.25::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI 3 Unaffected: sha256:2015d93a8f499c4b3706fb1b1323db2e455154cb20219ceef82b79894239a51b , < * (rpm)
        cpe:/a:redhat:openshift_ai:3.0::el9
    Create a notification for this product.
    Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
    Create a notification for this product.
    Date Public
    2025-10-28 09:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-12103",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-28T13:43:51.831220Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-11-19T14:44:07.440Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_ai:2.25::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhoai/odh-ta-lmes-driver-rhel9",
              "product": "Red Hat OpenShift AI 2.25",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "sha256:6503aa2b0c29d01b947b6fde383850d03dcb2b9f9d70cf417b9e90d5e99d1740",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://catalog.redhat.com/software/containers/",
              "cpes": [
                "cpe:/a:redhat:openshift_ai:3.0::el9"
              ],
              "defaultStatus": "affected",
              "packageName": "rhoai/odh-trustyai-service-operator-rhel9",
              "product": "Red Hat OpenShift AI 3",
              "vendor": "Red Hat",
              "versions": [
                {
                  "lessThan": "*",
                  "status": "unaffected",
                  "version": "sha256:2015d93a8f499c4b3706fb1b1323db2e455154cb20219ceef82b79894239a51b",
                  "versionType": "rpm"
                }
              ]
            },
            {
              "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
              "cpes": [
                "cpe:/a:redhat:openshift_ai"
              ],
              "defaultStatus": "affected",
              "packageName": "rhoai/odh-trustyai-service-operator-rhel8",
              "product": "Red Hat OpenShift AI (RHOAI)",
              "vendor": "Red Hat"
            }
          ],
          "datePublic": "2025-10-28T09:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw was found in Red Hat Openshift AI Service. The TrustyAI component is granting all service accounts and users on a cluster permissions to  get, list, watch any pod in any namespace on the cluster.\n\nTrustyAI is creating a role `trustyai-service-operator-lmeval-user-role` and a CRB `trustyai-service-operator-default-lmeval-user-rolebinding` which is being applied to `system:authenticated` making it so that every single user or service account can get a list of pods running in any namespace on the cluster \n\nAdditionally users can access all `persistentvolumeclaims` and `lmevaljobs`"
            }
          ],
          "metrics": [
            {
              "other": {
                "content": {
                  "namespace": "https://access.redhat.com/security/updates/classification/",
                  "value": "Moderate"
                },
                "type": "Red Hat severity rating"
              }
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "Incorrect Privilege Assignment",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-23T15:57:51.810Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2025:21117",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2025:21117"
            },
            {
              "name": "RHSA-2026:10184",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2026:10184"
            },
            {
              "tags": [
                "vdb-entry",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/security/cve/CVE-2025-12103"
            },
            {
              "name": "RHBZ#2405966",
              "tags": [
                "issue-tracking",
                "x_refsource_REDHAT"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405966"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-10-23T02:53:02.820Z",
              "value": "Reported to Red Hat."
            },
            {
              "lang": "en",
              "time": "2025-10-28T09:00:00.000Z",
              "value": "Made public."
            }
          ],
          "title": "Openshift-ai: trusty ai grants all authenticated users to list pods in any namespace",
          "workarounds": [
            {
              "lang": "en",
              "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
            }
          ],
          "x_generator": {
            "engine": "cvelib 1.8.0"
          },
          "x_redhatCweChain": "CWE-266: Incorrect Privilege Assignment"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2025-12103",
        "datePublished": "2025-10-28T13:31:59.318Z",
        "dateReserved": "2025-10-23T02:55:38.369Z",
        "dateUpdated": "2026-04-23T15:57:51.810Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }