Metrics
Affected Vendors & Products
Fri, 03 Oct 2025 11:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| CPEs | 
Thu, 02 Oct 2025 16:30:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| References |  | 
Thu, 02 Oct 2025 15:30:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| References |  | 
Thu, 02 Oct 2025 15:00:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| CPEs | cpe:/a:redhat:openshift_ai:2.16::el8 cpe:/a:redhat:openshift_ai:2.22::el9 | |
| References |  | 
Wed, 01 Oct 2025 09:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| CPEs | cpe:/a:redhat:openshift_ai:2.19::el8 cpe:/a:redhat:openshift_ai:2.21::el9 | |
| References |  | 
Tue, 30 Sep 2025 21:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Metrics | ssvc 
 | 
Tue, 30 Sep 2025 18:00:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | No description is available for this CVE. | A flaw was found in Red Hat Openshift AI Service. A low-privileged attacker with access to an authenticated account, for example as a data scientist using a standard Jupyter notebook, can escalate their privileges to a full cluster administrator. This allows for the complete compromise of the cluster's confidentiality, integrity, and availability. The attacker can steal sensitive data, disrupt all services, and take control of the underlying infrastructure, leading to a total breach of the platform and all applications hosted on it. | 
| Title | openshift-ai: Overly Permissive ClusterRole Allows Authenticated Users to Escalate Privileges to Cluster Admin | Openshift-ai: overly permissive clusterrole allows authenticated users to escalate privileges to cluster admin | 
| First Time appeared | Redhat Redhat openshift Ai | |
| CPEs | cpe:/a:redhat:openshift_ai | |
| Vendors & Products | Redhat Redhat openshift Ai | |
| References |  | 
Tue, 30 Sep 2025 00:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | No description is available for this CVE. | |
| Title | openshift-ai: Overly Permissive ClusterRole Allows Authenticated Users to Escalate Privileges to Cluster Admin | |
| Weaknesses | CWE-266 | |
| References |  | |
| Metrics | threat_severity 
 | cvssV3_1 
 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: redhat
Published: 2025-09-30T17:47:08.577Z
Updated: 2025-10-06T14:14:40.017Z
Reserved: 2025-09-19T13:40:32.975Z
Link: CVE-2025-10725
 Vulnrichment
                        Vulnrichment
                    Updated: 2025-09-30T18:32:37.705Z
 NVD
                        NVD
                    Status : Awaiting Analysis
Published: 2025-09-30T18:15:47.900
Modified: 2025-10-02T19:12:17.160
Link: CVE-2025-10725
 Redhat
                        Redhat