A privilege escalation vulnerability was found in the incluster-checks tool for OpenShift. The tool creates privileged debug pods with host filesystem access in the shared default namespace, where any user with the standard edit role can exec into them and obtain root access on cluster nodes.
Metrics
Affected Vendors & Products
References
History
Tue, 14 Jul 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Mon, 13 Jul 2026 13:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A privilege escalation vulnerability was found in the incluster-checks tool for OpenShift. The tool creates privileged debug pods with host filesystem access in the shared default namespace, where any user with the standard edit role can exec into them and obtain root access on cluster nodes. | |
| Title | Redhatinsights/incluster-checks: incluster-checks: privileged host-chroot debug pods created in shared default namespace enable privilege escalation to node root | |
| First Time appeared |
Redhat
Redhat pdrive Lightspeed |
|
| Weaknesses | CWE-250 | |
| CPEs | cpe:/a:redhat:pdrive_lightspeed:1 | |
| Vendors & Products |
Redhat
Redhat pdrive Lightspeed |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2026-07-14T14:32:25.141Z
Reserved: 2026-07-13T11:47:02.045Z
Link: CVE-2026-15584
Updated: 2026-07-14T14:19:08.977Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-14T22:00:18Z