Open CVEs: 1
Exploited: 0
KEV: 0
Unpatched: 1
No Workaround: 0
Internet-facing: 1
Why this provider is risky now
This provider has 1 open CVE in the last 7 days. 1 has no vendor patch. 1 affects internet-facing services.
Unpatched: 1
Internet-facing: 1
Top Risky CVEs
Service Account token disclosure in Red Hat OpenShift AI odh-dashboard component exposes Kubernetes credentials through unprotected NodeJS endpoint. Low-privilege authenticated attackers can retrieve service account tokens enabling unauthorized access to Kubernetes cluster resources. Affects Red Hat OpenShift AI 2.16 and multiple RHOAI versions. Cross-scope impact allows privilege escalation beyond dashboard component boundaries. No public exploit identified at time of analysis.
Within 24 hours: Inventory all Red Hat OpenShift AI deployments and document the versions currently in production.
Within 7 days: Restrict network access to odh-dashboard endpoints using network policies and firewall rules, limiting access to authorized administrators only; implement API request logging and monitoring for token retrieval attempts.
Within 30 days: Apply the vendor-released patch immediately upon availability; contact Red Hat support for hotfix options if available; consider temporary isolation of affected RHOAI clusters until patched.
Edge exposure
ICT dependency
No patch available
Why flagged?
NIS2 Relevant
- HIGH severity
- Internet-facing technique: authentication-bypass
- Third-party ICT: Red Hat
- No patch available
- Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
- HIGH severity
- ICT provider: Red Hat (Infrastructure & Virtualization)
- No remediation available
CVSS: 8.5
EPSS: 0.1%
Priority: 43
By Exposure
Internet-facing: 1
Mgmt / Admin Plane: 0
Identity / Auth: 0
Internal only: 0
By Exploitability
Known exploited: 0
Public PoC: 0
High EPSS (>30%): 0
Remote unauthenticated: 0
Local only: 0
By Remediation
Patch available: 0
No patch: 1
Workaround available: 1
No workaround: 0