CVE-2025-5417
BaseFortify
Publication date: 2025-08-19
Last updated on: 2025-08-19
Assigner: Red Hat, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| red_hat | developer_hub | 1.7.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-266 | A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-5417 is an insufficient access control vulnerability in the Red Hat Developer Hub's rhdh/rhdh-hub-rhel9 container image. It allows a cluster admin or user with standard access to the Red Hat Developer Hub namespace to access and modify the container image's contents without proper authorization. Although the modifications affect the confidentiality and integrity of the data, any changes are temporary and reset when the pod restarts. [1]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing unauthorized users with standard access to modify the container image's contents, compromising the confidentiality and integrity of the data within the container. However, these changes are not permanent and will be reset after the pod restarts. This could lead to potential data exposure or tampering during the time the changes persist. [1]
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, restrict cluster admin and user access to the Red Hat Developer Hub namespace and the rhdh/rhdh-hub-rhel9 container image to only trusted personnel. Since modifications to the container image are reset upon pod restart, regularly restarting affected pods can help revert unauthorized changes. Additionally, monitor and audit access controls to ensure insufficient access control issues are addressed promptly. [1]