Authorities warned that Red Hat OpenShift Container Platform 4 contains two high-severity vulnerabilities that can lead to code execution and node takeover in enterprise container environments. CVE-2024-45496 in ose-openshift-controller-manager-container carries a CVSS 9.9 rating and can allow arbitrary code execution on an OpenShift node when a user with developer-level access exploits insufficient restrictions on elevated privileges. CVE-2024-7387 in openshift4/ose-docker-builder, rated CVSS 9.1, can enable arbitrary command execution on an OpenShift node and may allow privilege escalation and full control of the affected node. At the time of the alert, mitigations were available but vendor patches had not yet been released.
A separate alert highlighted the regreSSHion flaw in OpenSSH, which can give an attacker unrestricted root-level access on vulnerable Linux and FreeBSD-based systems. The issue affects OpenSSH versions from 8.5p1 up to but not including 9.8p1, as well as versions earlier than 4.4p1; OpenBSD-based systems were reported as not vulnerable. Successful exploitation has been confirmed on systems using glibc, while systems using musl libc were reported as not vulnerable, and the attack currently requires repeated attempts over hours or days. A fix is available in OpenSSH 9.8p1, though some distributors have backported the patch, meaning package version numbers alone may not reliably indicate exposure.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
2 events from the most recent confirmed update back to the earliest known activity.
Two high-severity vulnerabilities, CVE-2024-45496 and CVE-2024-7387, were disclosed in Red Hat OpenShift Container Platform 4 components. At the time of disclosure, mitigations were available but no corrective patches had yet been released, and users were advised to follow vendor mitigation guidance.
A critical OpenSSH vulnerability known as regreSSHion was disclosed, affecting OpenSSH versions earlier than 9.8p1 on vulnerable Linux and FreeBSD-based systems. The vendor released a fix in OpenSSH 9.8p1, while some distributors also backported the patch to older package versions.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
3 references tracked. Mallory keeps watching after this page renders.
kyberturvallisuuskeskus.fi
Open sourcekyberturvallisuuskeskus.fi
Open sourcekyberturvallisuuskeskus.fi
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.