CVE-2025-12805
Unauthorized Access in Red Hat OpenShift AI llama-stack-operator
Publication date: 2026-03-26
Last updated on: 2026-04-30
Assigner: Red Hat, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| redhat | openshift_ai | 2.25 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-653 | The product does not properly compartmentalize or isolate functionality, processes, or resources that require different privilege levels, rights, or permissions. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Red Hat OpenShift AI (RHOAI) llama-stack-operator. It allows unauthorized users to access Llama Stack services that are deployed in other namespaces by making direct network requests. The root cause is the absence of a NetworkPolicy that restricts access to the llama-stack service endpoint. Consequently, a user operating in one namespace can reach another user's Llama Stack instance.
This unauthorized access can lead to viewing or manipulating sensitive data belonging to other users.
How can this vulnerability impact me? :
The vulnerability can have serious impacts including unauthorized access to sensitive data and potential manipulation of that data by users from different namespaces. This compromises data confidentiality and integrity within the affected Red Hat OpenShift AI environment.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability allows unauthorized access to Llama Stack services across namespaces, potentially exposing or allowing manipulation of sensitive data belonging to other users.
Such unauthorized access and potential data exposure could lead to non-compliance with data protection regulations and standards like GDPR and HIPAA, which require strict controls on access to sensitive data.