PT-2024-37698 · Red Hat · OpenShift Console

Marco Benatto · Published 2024-07-05 · Updated 2025-11-07

CVE-2024-6538 · CVSS v4.0 6.9 (Medium)
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions: OpenShift Console (affected versions not specified)
Description: A flaw was found in OpenShift Console, allowing a Server Side Request Forgery (SSRF) attack to occur if an attacker supplies all or part of a URL to the server to query. The server, being in a privileged network position, can reach exposed services that aren't readily available to clients due to network filtering. This can potentially disclose information or have other nefarious effects on the system. The /api/dev-console/proxy/internet endpoint allows authenticated users to perform arbitrary and fully controlled HTTP(S) requests, and the full response to these requests is returned by the endpoint. Although the endpoint's name suggests requests are only bound for the internet, no such check is in place, so an authenticated user outside the cluster can have the console perform arbitrary HTTP requests to services inside the cluster.
Recommendations: As a temporary workaround, consider restricting access to the /api/dev-console/proxy/internet endpoint until a patch is available. Restrict access to the OpenShift Console to minimize the risk of exploitation. Avoid using the OpenShift Console to perform arbitrary HTTP requests until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
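The destination check the description says the endpoint lacks, as an added defender-side example in Go (not the console's own code, and not its eventual fix, which this advisory does not describe): a proxy meant to reach only the internet refuses any in-cluster name or non-public address, and re-checks the resolved addresses rather than trusting the hostname. The cluster DNS suffixes and the injected resolver are assumptions.

```go
package main

import (
	"errors"
	"net"
	"net/url"
	"strings"
)

// ErrNotInternet is returned for destinations an "internet-only" proxy must refuse.
var ErrNotInternet = errors.New("destination is not a public internet address")
// Assumed in-cluster DNS suffixes (not from the advisory); extend per environment.
var clusterSuffixes = []string{".svc", ".cluster.local", ".local", ".internal"}

// isPrivateIP: loopback, link-local, unspecified, multicast, RFC 1918 or unique-local.
func isPrivateIP(ip net.IP) bool {
	return ip.IsLoopback() || ip.IsLinkLocalUnicast() || ip.IsUnspecified() ||
		ip.IsMulticast() || ip.IsPrivate()
}

// CheckInternetTarget accepts only http(s) URLs whose host is, or resolves solely to,
// a public address. resolve is injected so tests run offline; at dial time, dial the checked IP.
func CheckInternetTarget(rawURL string, resolve func(string) ([]net.IP, error)) error {
	u, err := url.Parse(rawURL)
	if err != nil || (u.Scheme != "http" && u.Scheme != "https") {
		return ErrNotInternet
	}
	host := strings.TrimSuffix(strings.ToLower(u.Hostname()), ".")
	ips := []net.IP{net.ParseIP(host)}
	if ips[0] == nil { // a hostname rather than an IP literal
		// Bare names resolve via the cluster search path; suffixes name in-cluster services.
		if !strings.Contains(host, ".") {
			return ErrNotInternet
		}
		for _, s := range clusterSuffixes {
			if strings.HasSuffix(host, s) {
				return ErrNotInternet
			}
		}
		if ips, err = resolve(host); err != nil || len(ips) == 0 {
			return ErrNotInternet
		}
	}
	for _, ip := range ips { // every answer must be public, not just the first
		if isPrivateIP(ip) {
			return ErrNotInternet
		}
	}
	return nil
}
```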

SSRF


Weakness Enumeration

Related Identifiers

BDU:2025-02254
CVE-2024-6538
GHSA-V3W7-G6P2-MPX7
GO-2024-3289
OPENSUSE-SU-2024:14567-1

Affected Products

OpenShift Console