cvedb.io
CVE-2024-5037
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2024-06-05T18:15:11.747 · Last modified 2026-06-17T08:14:57.353

Summary

A flaw was found in OpenShift's Telemeter. If certain conditions are in place, an attacker can use a forged token to bypass the issue ("iss") check during JSON web token (JWT) authentication.

Affected products

redhat — openshift_container_platform

Does this affect you?

Add your gear to cvedb and we'll alert you only when redhat ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.