Vulnerability-Lookup

CVE-2024-5651 (GCVE-0-2024-5651)

Vulnerability from cvelistv5 – Published: 2024-08-12 05:46 – Updated: 2025-11-06 20:54

Title

Fence-agents-remediation: fence agent command line options leads to remote code execution

Summary

A flaw was found in the Fence Agents Remediation operator. This vulnerability can allow a Remote Code Execution (RCE) primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a specially crafted FenceAgentsRemediation for a fence agent supporting --ssh-path/--telnet-path arguments to execute arbitrary commands on the operator's pod. This RCE leads to a privilege escalation, first as the service account running the operator, then to another service account with cluster-admin privileges.

Severity ?

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-94 - Improper Control of Generation of Code ('Code Injection')

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2024:5453	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2024-5651	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2290540	issue-trackingx_refsource_REDHAT

Impacted products

Vendor

Product

Version

Affected: 0.4.0 , < 0.4.1-22 (semver)

	Red Hat	Fence Agents Remediation 0.4 for RHEL 8	Unaffected: v0.4.1-22 , < * (rpm) cpe:/a:redhat:workload_availability_far:0.4::el8
	Red Hat	Fence Agents Remediation 0.4 for RHEL 8	Unaffected: v0.4.1-22 , < * (rpm) cpe:/a:redhat:workload_availability_far:0.4::el8

Credits

This issue was discovered by Thibault Guittet (Red Hat).

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-5651",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-13T20:15:45.156124Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-13T20:16:05.719Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/medik8s/fence-agents-remediation",
          "defaultStatus": "affected",
          "packageName": "fence-agents-remediation",
          "versions": [
            {
              "lessThan": "0.4.1-22",
              "status": "affected",
              "version": "0.4.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:workload_availability_far:0.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "workload-availability/fence-agents-remediation-operator-bundle",
          "product": "Fence Agents Remediation 0.4 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v0.4.1-22",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:workload_availability_far:0.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "workload-availability/fence-agents-remediation-rhel8-operator",
          "product": "Fence Agents Remediation 0.4 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v0.4.1-22",
              "versionType": "rpm"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered by Thibault Guittet (Red Hat)."
        }
      ],
      "datePublic": "2024-08-12T05:28:54.268Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the Fence Agents Remediation operator. This vulnerability can allow a Remote Code Execution (RCE) primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a specially crafted FenceAgentsRemediation for a fence agent supporting\u00a0 --ssh-path/--telnet-path arguments to execute arbitrary commands on the operator\u0027s pod. This RCE leads to a privilege escalation, first as the service account running the operator, then to another service account with cluster-admin privileges."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-06T20:54:54.038Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:5453",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:5453"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-5651"
        },
        {
          "name": "RHBZ#2290540",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290540"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-06-05T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-08-12T05:28:54.268000+00:00",
          "value": "Made public."
        }
      ],
      "title": "Fence-agents-remediation: fence agent command line options leads to remote code execution",
      "workarounds": [
        {
          "lang": "en",
          "value": "Do not allow unprivileged users create FenceAgentsRemediation and FenceAgentsRemediationTemplate resources."
        }
      ],
      "x_redhatCweChain": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-5651",
    "datePublished": "2024-08-12T05:46:16.035Z",
    "dateReserved": "2024-06-05T09:57:33.499Z",
    "dateUpdated": "2025-11-06T20:54:54.038Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-5651\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2024-08-12T13:38:37.863\",\"lastModified\":\"2024-08-30T14:15:16.820\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in the Fence Agents Remediation operator. This vulnerability can allow a Remote Code Execution (RCE) primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a specially crafted FenceAgentsRemediation for a fence agent supporting\u00a0 --ssh-path/--telnet-path arguments to execute arbitrary commands on the operator\u0027s pod. This RCE leads to a privilege escalation, first as the service account running the operator, then to another service account with cluster-admin privileges.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una falla en los agentes de valla que dependen de SSH/Telnet. Esta vulnerabilidad puede permitir una primitiva de ejecuci\u00f3n remota de c\u00f3digo (RCE) al proporcionar un comando arbitrario para ejecutar en los argumentos --ssh-path/--telnet-path. Un usuario con pocos privilegios, por ejemplo, un usuario con acceso de desarrollador, puede crear un FenceAgentsRemediation especialmente manipulado para que un agente de valla admita argumentos --ssh-path/--telnet-path para ejecutar comandos arbitrarios en el m\u00f3dulo del operador. Este RCE conduce a una escalada de privilegios, primero como la cuenta de servicio que ejecuta el operador y luego a otra cuenta de servicio con privilegios de administrador del cl\u00faster.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2024:5453\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2024-5651\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2290540\",\"source\":\"secalert@redhat.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-5651\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-13T20:15:45.156124Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-13T20:16:01.848Z\"}}], \"cna\": {\"title\": \"Fence-agents-remediation: fence agent command line options leads to remote code execution\", \"credits\": [{\"lang\": \"en\", \"value\": \"This issue was discovered by Thibault Guittet (Red Hat).\"}], \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"versions\": [{\"status\": \"affected\", \"version\": \"0.4.0\", \"lessThan\": \"0.4.1-22\", \"versionType\": \"semver\"}], \"packageName\": \"fence-agents-remediation\", \"collectionURL\": \"https://github.com/medik8s/fence-agents-remediation\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:workload_availability_far:0.4::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Fence Agents Remediation 0.4 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"v0.4.1-22\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"workload-availability/fence-agents-remediation-operator-bundle\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:workload_availability_far:0.4::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Fence Agents Remediation 0.4 for RHEL 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"v0.4.1-22\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"workload-availability/fence-agents-remediation-rhel8-operator\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-06-05T00:00:00+00:00\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2024-08-12T05:28:54.268000+00:00\", \"value\": \"Made public.\"}], \"datePublic\": \"2024-08-12T05:28:54.268Z\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2024:5453\", \"name\": \"RHSA-2024:5453\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2024-5651\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2290540\", \"name\": \"RHBZ#2290540\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Do not allow unprivileged users create FenceAgentsRemediation and FenceAgentsRemediationTemplate resources.\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in the Fence Agents Remediation operator. This vulnerability can allow a Remote Code Execution (RCE) primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a specially crafted FenceAgentsRemediation for a fence agent supporting\\u00a0 --ssh-path/--telnet-path arguments to execute arbitrary commands on the operator\u0027s pod. This RCE leads to a privilege escalation, first as the service account running the operator, then to another service account with cluster-admin privileges.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-94\", \"description\": \"Improper Control of Generation of Code (\u0027Code Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2025-11-06T20:54:54.038Z\"}, \"x_redhatCweChain\": \"CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)\"}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-5651\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-06T20:54:54.038Z\", \"dateReserved\": \"2024-06-05T09:57:33.499Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2024-08-12T05:46:16.035Z\", \"assignerShortName\": \"redhat\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

GHSA-76QM-C9J2-WM6V

Vulnerability from github – Published: 2024-08-12 15:30 – Updated: 2024-08-30 15:31

Details

A flaw was found in fence agents that rely on SSH/Telnet. This vulnerability can allow a Remote Code Execution (RCE) primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a specially crafted FenceAgentsRemediation for a fence agent supporting --ssh-path/--telnet-path arguments to execute arbitrary commands on the operator's pod. This RCE leads to a privilege escalation, first as the service account running the operator, then to another service account with cluster-admin privileges.

Severity ?

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-5651"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-94"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-12T13:38:37Z",
    "severity": "HIGH"
  },
  "details": "A flaw was found in fence agents that rely on SSH/Telnet. This vulnerability can allow a Remote Code Execution (RCE) primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a specially crafted FenceAgentsRemediation for a fence agent supporting\u00a0 --ssh-path/--telnet-path arguments to execute arbitrary commands on the operator\u0027s pod. This RCE leads to a privilege escalation, first as the service account running the operator, then to another service account with cluster-admin privileges.",
  "id": "GHSA-76qm-c9j2-wm6v",
  "modified": "2024-08-30T15:31:26Z",
  "published": "2024-08-12T15:30:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5651"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:5453"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2024-5651"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290540"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

RHSA-2024:5453

Vulnerability from csaf_redhat - Published: 2024-08-15 08:10 - Updated: 2025-11-21 19:09

Summary

Red Hat Security Advisory: Fence Agents Remediation 0.4.1 - Security update

Notes

Topic

This is an updated version of the Fence Agents Remediation Operator. This Operator is delivered by Red Hat Workload Availability, and version 0.4.1 is now available for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

The Fence Agents Remediation Operator fences and remediates nodes using well-known agents. The remediation includes fencing the unhealthy node, using a fencing agent, and then evicting workloads from the unhealthy node. Security Fix: * fence-agent: Fence Agent Command Line Options Leads to Remote Code Execution (CVE-2024-5651) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "This is an updated version of the Fence Agents Remediation Operator. This Operator is delivered by Red Hat Workload Availability, and version 0.4.1 is now available for RHEL 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The Fence Agents Remediation Operator fences and remediates nodes using\nwell-known agents. The remediation includes fencing the unhealthy node,\nusing a fencing agent, and then evicting workloads from the unhealthy node.\n\nSecurity Fix:\n\n* fence-agent: Fence Agent Command Line Options Leads to Remote Code Execution (CVE-2024-5651)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:5453",
        "url": "https://access.redhat.com/errata/RHSA-2024:5453"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2290540",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290540"
      },
      {
        "category": "external",
        "summary": "ECOPROJECT-2024",
        "url": "https://issues.redhat.com/browse/ECOPROJECT-2024"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_5453.json"
      }
    ],
    "title": "Red Hat Security Advisory: Fence Agents Remediation 0.4.1 - Security update",
    "tracking": {
      "current_release_date": "2025-11-21T19:09:48+00:00",
      "generator": {
        "date": "2025-11-21T19:09:48+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2024:5453",
      "initial_release_date": "2024-08-15T08:10:14+00:00",
      "revision_history": [
        {
          "date": "2024-08-15T08:10:14+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-08-15T08:10:14+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T19:09:48+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Fence Agents Remediation 0.4 for RHEL 8",
                "product": {
                  "name": "Fence Agents Remediation 0.4 for RHEL 8",
                  "product_id": "8Base-FENCE-AGENTS-REMEDIATION-0.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:workload_availability_far:0.4::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Workload Availability"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "workload-availability/fence-agents-remediation-operator-bundle@sha256:f5dda99364d07df3a3680a2d7031c27df071c8e80746b1ececb5487240e9bbb0_amd64",
                "product": {
                  "name": "workload-availability/fence-agents-remediation-operator-bundle@sha256:f5dda99364d07df3a3680a2d7031c27df071c8e80746b1ececb5487240e9bbb0_amd64",
                  "product_id": "workload-availability/fence-agents-remediation-operator-bundle@sha256:f5dda99364d07df3a3680a2d7031c27df071c8e80746b1ececb5487240e9bbb0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/fence-agents-remediation-operator-bundle@sha256:f5dda99364d07df3a3680a2d7031c27df071c8e80746b1ececb5487240e9bbb0?arch=amd64\u0026repository_url=registry.redhat.io/workload-availability/fence-agents-remediation-operator-bundle\u0026tag=v0.4.1-22"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "workload-availability/fence-agents-remediation-rhel8-operator@sha256:b0abc89cdccc6fe6510143d8a2440fd277e69b47f83cfda3e61782f50f88a988_amd64",
                "product": {
                  "name": "workload-availability/fence-agents-remediation-rhel8-operator@sha256:b0abc89cdccc6fe6510143d8a2440fd277e69b47f83cfda3e61782f50f88a988_amd64",
                  "product_id": "workload-availability/fence-agents-remediation-rhel8-operator@sha256:b0abc89cdccc6fe6510143d8a2440fd277e69b47f83cfda3e61782f50f88a988_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/fence-agents-remediation-rhel8-operator@sha256:b0abc89cdccc6fe6510143d8a2440fd277e69b47f83cfda3e61782f50f88a988?arch=amd64\u0026repository_url=registry.redhat.io/workload-availability/fence-agents-remediation-rhel8-operator\u0026tag=v0.4.1-22"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "workload-availability/fence-agents-remediation-operator-bundle@sha256:f5dda99364d07df3a3680a2d7031c27df071c8e80746b1ececb5487240e9bbb0_amd64 as a component of Fence Agents Remediation 0.4 for RHEL 8",
          "product_id": "8Base-FENCE-AGENTS-REMEDIATION-0.4:workload-availability/fence-agents-remediation-operator-bundle@sha256:f5dda99364d07df3a3680a2d7031c27df071c8e80746b1ececb5487240e9bbb0_amd64"
        },
        "product_reference": "workload-availability/fence-agents-remediation-operator-bundle@sha256:f5dda99364d07df3a3680a2d7031c27df071c8e80746b1ececb5487240e9bbb0_amd64",
        "relates_to_product_reference": "8Base-FENCE-AGENTS-REMEDIATION-0.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "workload-availability/fence-agents-remediation-rhel8-operator@sha256:b0abc89cdccc6fe6510143d8a2440fd277e69b47f83cfda3e61782f50f88a988_amd64 as a component of Fence Agents Remediation 0.4 for RHEL 8",
          "product_id": "8Base-FENCE-AGENTS-REMEDIATION-0.4:workload-availability/fence-agents-remediation-rhel8-operator@sha256:b0abc89cdccc6fe6510143d8a2440fd277e69b47f83cfda3e61782f50f88a988_amd64"
        },
        "product_reference": "workload-availability/fence-agents-remediation-rhel8-operator@sha256:b0abc89cdccc6fe6510143d8a2440fd277e69b47f83cfda3e61782f50f88a988_amd64",
        "relates_to_product_reference": "8Base-FENCE-AGENTS-REMEDIATION-0.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Thibault Guittet"
          ],
          "organization": "Red Hat",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2024-5651",
      "cwe": {
        "id": "CWE-94",
        "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
      },
      "discovery_date": "2024-06-05T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2290540"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Fence Agents Remediation operator. This vulnerability can allow a Remote Code Execution (RCE) primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a specially crafted FenceAgentsRemediation for a fence agent supporting\u00a0 --ssh-path/--telnet-path arguments to execute arbitrary commands on the operator\u0027s pod. This RCE leads to a privilege escalation, first as the service account running the operator, then to another service account with cluster-admin privileges.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "fence-agents-remediation: Fence Agent Command Line Options Leads to Remote Code Execution",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is specific to the Fence Agents Remediation operator and does not affect fence-agents itself.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-FENCE-AGENTS-REMEDIATION-0.4:workload-availability/fence-agents-remediation-operator-bundle@sha256:f5dda99364d07df3a3680a2d7031c27df071c8e80746b1ececb5487240e9bbb0_amd64",
          "8Base-FENCE-AGENTS-REMEDIATION-0.4:workload-availability/fence-agents-remediation-rhel8-operator@sha256:b0abc89cdccc6fe6510143d8a2440fd277e69b47f83cfda3e61782f50f88a988_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-5651"
        },
        {
          "category": "external",
          "summary": "RHBZ#2290540",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290540"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-5651",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-5651"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-5651",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5651"
        }
      ],
      "release_date": "2024-08-12T05:28:54.268000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-08-15T08:10:14+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-FENCE-AGENTS-REMEDIATION-0.4:workload-availability/fence-agents-remediation-operator-bundle@sha256:f5dda99364d07df3a3680a2d7031c27df071c8e80746b1ececb5487240e9bbb0_amd64",
            "8Base-FENCE-AGENTS-REMEDIATION-0.4:workload-availability/fence-agents-remediation-rhel8-operator@sha256:b0abc89cdccc6fe6510143d8a2440fd277e69b47f83cfda3e61782f50f88a988_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:5453"
        },
        {
          "category": "workaround",
          "details": "Do not allow unprivileged users create FenceAgentsRemediation and FenceAgentsRemediationTemplate resources.",
          "product_ids": [
            "8Base-FENCE-AGENTS-REMEDIATION-0.4:workload-availability/fence-agents-remediation-operator-bundle@sha256:f5dda99364d07df3a3680a2d7031c27df071c8e80746b1ececb5487240e9bbb0_amd64",
            "8Base-FENCE-AGENTS-REMEDIATION-0.4:workload-availability/fence-agents-remediation-rhel8-operator@sha256:b0abc89cdccc6fe6510143d8a2440fd277e69b47f83cfda3e61782f50f88a988_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-FENCE-AGENTS-REMEDIATION-0.4:workload-availability/fence-agents-remediation-operator-bundle@sha256:f5dda99364d07df3a3680a2d7031c27df071c8e80746b1ececb5487240e9bbb0_amd64",
            "8Base-FENCE-AGENTS-REMEDIATION-0.4:workload-availability/fence-agents-remediation-rhel8-operator@sha256:b0abc89cdccc6fe6510143d8a2440fd277e69b47f83cfda3e61782f50f88a988_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "fence-agents-remediation: Fence Agent Command Line Options Leads to Remote Code Execution"
    }
  ]
}

FKIE_CVE-2024-5651

Vulnerability from fkie_nvd - Published: 2024-08-12 13:38 - Updated: 2024-08-30 14:15

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:5453
	secalert@redhat.com	https://access.redhat.com/security/cve/CVE-2024-5651
	secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=2290540

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A flaw was found in the Fence Agents Remediation operator. This vulnerability can allow a Remote Code Execution (RCE) primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a specially crafted FenceAgentsRemediation for a fence agent supporting\u00a0 --ssh-path/--telnet-path arguments to execute arbitrary commands on the operator\u0027s pod. This RCE leads to a privilege escalation, first as the service account running the operator, then to another service account with cluster-admin privileges."
    },
    {
      "lang": "es",
      "value": "Se encontr\u00f3 una falla en los agentes de valla que dependen de SSH/Telnet. Esta vulnerabilidad puede permitir una primitiva de ejecuci\u00f3n remota de c\u00f3digo (RCE) al proporcionar un comando arbitrario para ejecutar en los argumentos --ssh-path/--telnet-path. Un usuario con pocos privilegios, por ejemplo, un usuario con acceso de desarrollador, puede crear un FenceAgentsRemediation especialmente manipulado para que un agente de valla admita argumentos --ssh-path/--telnet-path para ejecutar comandos arbitrarios en el m\u00f3dulo del operador. Este RCE conduce a una escalada de privilegios, primero como la cuenta de servicio que ejecuta el operador y luego a otra cuenta de servicio con privilegios de administrador del cl\u00faster."
    }
  ],
  "id": "CVE-2024-5651",
  "lastModified": "2024-08-30T14:15:16.820",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "secalert@redhat.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-08-12T13:38:37.863",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2024:5453"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/security/cve/CVE-2024-5651"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290540"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    }
  ]
}

WID-SEC-W-2024-1866

Vulnerability from csaf_certbund - Published: 2024-08-14 22:00 - Updated: 2024-08-14 22:00

Summary

Red Hat Enterprise Linux (Fence Agents Remediation): Schwachstelle ermöglicht Codeausführung

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.

Angriff

Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Red Hat Enterprise Linux ausnutzen, um beliebigen Programmcode auszuführen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Red Hat Enterprise Linux (RHEL) ist eine popul\u00e4re Linux-Distribution.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Red Hat Enterprise Linux ausnutzen, um beliebigen Programmcode auszuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1866 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1866.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1866 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1866"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisory vom 2024-08-14",
        "url": "https://access.redhat.com/errata/RHSA-2024:5453"
      }
    ],
    "source_lang": "en-US",
    "title": "Red Hat Enterprise Linux (Fence Agents Remediation): Schwachstelle erm\u00f6glicht Codeausf\u00fchrung",
    "tracking": {
      "current_release_date": "2024-08-14T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:12:22.380+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-1866",
      "initial_release_date": "2024-08-14T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-08-14T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "8",
                "product": {
                  "name": "Red Hat Enterprise Linux 8",
                  "product_id": "T036934",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:8"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Fence Agents Remediation \u003c0.4.1",
                "product": {
                  "name": "Red Hat Enterprise Linux Fence Agents Remediation \u003c0.4.1",
                  "product_id": "T036935"
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise Linux"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-5651",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Red Hat Enterprise Linux. Dieser Fehler besteht im Fence Agents Remediation Operator aufgrund eines Code-Injektionsproblems. Durch das Senden einer speziell gestalteten Fence-Agent-Eingabe kann ein entfernter authentifizierter Angreifer diese Schwachstelle ausnutzen, um beliebigen Code auszuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036934"
        ]
      },
      "release_date": "2024-08-14T22:00:00.000+00:00",
      "title": "CVE-2024-5651"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-5651 (GCVE-0-2024-5651)

GHSA-76QM-C9J2-WM6V

RHSA-2024:5453

FKIE_CVE-2024-5651

WID-SEC-W-2024-1866

Tags

Sightings

Nomenclature