cvelistv5 - cve-2024-12582

cve-2024-12582

Vulnerability from cvelistv5

Published

2024-12-24 03:31

Modified

2025-02-13 20:00

Severity ?

7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H

Summary

A flaw was found in the skupper console, a read-only interface that renders cluster network, traffic details, and metrics for a network application that a user sets up across a hybrid multi-cloud environment. When the default authentication method is used, a random password is generated for the "admin" user and is persisted in either a Kubernetes secret or a podman volume in a plaintext file. This authentication method can be manipulated by an attacker, leading to the reading of any user-readable file in the container filesystem, directly impacting data confidentiality. Additionally, the attacker may induce skupper to read extremely large files into memory, resulting in resource exhaustion and a denial of service attack.

References

▼	URL	Tags
	secalert@redhat.com	https://access.redhat.com/errata/RHSA-2025:1413
	secalert@redhat.com	https://access.redhat.com/security/cve/CVE-2024-12582
	secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=2333540

Impacted products

Vendor

Product

Version

▼

Red Hat

Service Interconnect 1 for RHEL 9

Unaffected: 1.8.3-1 < *
cpe:/a:redhat:service_interconnect:1::el9

Red Hat	Service Interconnect 1 for RHEL 9	Unaffected: 1.8.3-1 < * cpe:/a:redhat:service_interconnect:1::el9
Red Hat	Service Interconnect 1 for RHEL 9	Unaffected: 1.8.3-1 < * cpe:/a:redhat:service_interconnect:1::el9
Red Hat	Service Interconnect 1 for RHEL 9	Unaffected: 1.8.3-1 < * cpe:/a:redhat:service_interconnect:1::el9
Red Hat	Service Interconnect 1 for RHEL 9	Unaffected: 1.8.3-1 < * cpe:/a:redhat:service_interconnect:1::el9
Red Hat	Service Interconnect 1 for RHEL 9	Unaffected: 2.7.3-1 < * cpe:/a:redhat:service_interconnect:1::el9
Red Hat	Service Interconnect 1 for RHEL 9	Unaffected: 1.8.3-1 < * cpe:/a:redhat:service_interconnect:1::el9
Red Hat	Service Interconnect 1 for RHEL 9	Unaffected: 1.8.3-1 < * cpe:/a:redhat:service_interconnect:1::el9

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-12582",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-24T15:41:49.727197Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-24T15:41:56.899Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:service_interconnect:1::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "service-interconnect/skupper-config-sync-rhel9",
          "product": "Service Interconnect 1 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1.8.3-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:service_interconnect:1::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "service-interconnect/skupper-controller-podman-container-rhel9",
          "product": "Service Interconnect 1 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1.8.3-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:service_interconnect:1::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "service-interconnect/skupper-controller-podman-rhel9",
          "product": "Service Interconnect 1 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1.8.3-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:service_interconnect:1::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "service-interconnect/skupper-flow-collector-rhel9",
          "product": "Service Interconnect 1 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1.8.3-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:service_interconnect:1::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "service-interconnect/skupper-operator-bundle",
          "product": "Service Interconnect 1 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1.8.3-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:service_interconnect:1::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "service-interconnect/skupper-router-rhel9",
          "product": "Service Interconnect 1 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2.7.3-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:service_interconnect:1::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "service-interconnect/skupper-service-controller-rhel9",
          "product": "Service Interconnect 1 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1.8.3-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:service_interconnect:1::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "service-interconnect/skupper-site-controller-rhel9",
          "product": "Service Interconnect 1 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1.8.3-1",
              "versionType": "rpm"
            }
          ]
        }
      ],
      "datePublic": "2024-12-20T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the skupper console,  a read-only interface that renders cluster network, traffic details, and metrics for a network application that a user sets up across a hybrid multi-cloud environment. When the default authentication method is used, a random password is generated for the \"admin\" user and is persisted in either a Kubernetes secret or a podman volume in a plaintext file. This authentication method can be manipulated by an attacker, leading to the reading of any user-readable file in the container filesystem, directly impacting data confidentiality. Additionally, the attacker may induce skupper to read extremely large files into memory, resulting in resource exhaustion and a denial of service attack."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-305",
              "description": "Authentication Bypass by Primary Weakness",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-13T20:00:50.048Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:1413",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1413"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-12582"
        },
        {
          "name": "RHBZ#2333540",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333540"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-12-20T17:33:05.858000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-12-20T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Skupper: skupper-cli: flawed authentication method may lead to arbitrary file read or denial of service",
      "workarounds": [
        {
          "lang": "en",
          "value": "For users running skupper on Red Hat OpenShift, the OpenShift authentication should be used. Otherwise, use \"unsecured\" where authentication is not a primary concern."
        }
      ],
      "x_redhatCweChain": "CWE-305: Authentication Bypass by Primary Weakness"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-12582",
    "datePublished": "2024-12-24T03:31:24.896Z",
    "dateReserved": "2024-12-12T17:10:04.729Z",
    "dateUpdated": "2025-02-13T20:00:50.048Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-12582\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2024-12-24T04:15:05.137\",\"lastModified\":\"2025-02-13T14:15:28.700\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in the skupper console,  a read-only interface that renders cluster network, traffic details, and metrics for a network application that a user sets up across a hybrid multi-cloud environment. When the default authentication method is used, a random password is generated for the \\\"admin\\\" user and is persisted in either a Kubernetes secret or a podman volume in a plaintext file. This authentication method can be manipulated by an attacker, leading to the reading of any user-readable file in the container filesystem, directly impacting data confidentiality. Additionally, the attacker may induce skupper to read extremely large files into memory, resulting in resource exhaustion and a denial of service attack.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una falla en la consola del cl\u00faster, una interfaz de solo lectura que muestra la red del cl\u00faster, detalles de tr\u00e1fico y m\u00e9tricas para una aplicaci\u00f3n de red que un usuario configura en un entorno h\u00edbrido de m\u00faltiples nubes. Cuando se utiliza el m\u00e9todo de autenticaci\u00f3n predeterminado, se genera una contrase\u00f1a aleatoria para el usuario \\\"admin\\\" y se conserva en un secreto de Kubernetes o en un volumen podman en un archivo de texto plano. Este m\u00e9todo de autenticaci\u00f3n puede ser manipulado por un atacante, lo que lleva a la lectura de cualquier archivo legible por el usuario en el sistema de archivos contenedor, lo que afecta directamente la confidencialidad de los datos. Adem\u00e1s, el atacante puede inducir a la recopilaci\u00f3n a leer archivos extremadamente grandes en la memoria, lo que provoca el agotamiento de los recursos y un ataque de denegaci\u00f3n de servicio.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":4.2}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-305\"}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2025:1413\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2024-12582\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2333540\",\"source\":\"secalert@redhat.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-12582\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-12-24T15:41:49.727197Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-12-24T15:41:53.334Z\"}}], \"cna\": {\"title\": \"Skupper: skupper-cli: flawed authentication method may lead to arbitrary file read or denial of service\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:service_interconnect:1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Service Interconnect 1 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1.8.3-1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"service-interconnect/skupper-config-sync-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_interconnect:1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Service Interconnect 1 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1.8.3-1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"service-interconnect/skupper-controller-podman-container-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_interconnect:1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Service Interconnect 1 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1.8.3-1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"service-interconnect/skupper-controller-podman-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_interconnect:1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Service Interconnect 1 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1.8.3-1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"service-interconnect/skupper-flow-collector-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_interconnect:1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Service Interconnect 1 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1.8.3-1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"service-interconnect/skupper-operator-bundle\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_interconnect:1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Service Interconnect 1 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"2.7.3-1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"service-interconnect/skupper-router-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_interconnect:1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Service Interconnect 1 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1.8.3-1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"service-interconnect/skupper-service-controller-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_interconnect:1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Service Interconnect 1 for RHEL 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"1.8.3-1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"service-interconnect/skupper-site-controller-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-12-20T17:33:05.858000+00:00\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2024-12-20T00:00:00+00:00\", \"value\": \"Made public.\"}], \"datePublic\": \"2024-12-20T00:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2025:1413\", \"name\": \"RHSA-2025:1413\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2024-12582\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2333540\", \"name\": \"RHBZ#2333540\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"For users running skupper on Red Hat OpenShift, the OpenShift authentication should be used. Otherwise, use \\\"unsecured\\\" where authentication is not a primary concern.\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in the skupper console,  a read-only interface that renders cluster network, traffic details, and metrics for a network application that a user sets up across a hybrid multi-cloud environment. When the default authentication method is used, a random password is generated for the \\\"admin\\\" user and is persisted in either a Kubernetes secret or a podman volume in a plaintext file. This authentication method can be manipulated by an attacker, leading to the reading of any user-readable file in the container filesystem, directly impacting data confidentiality. Additionally, the attacker may induce skupper to read extremely large files into memory, resulting in resource exhaustion and a denial of service attack.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-305\", \"description\": \"Authentication Bypass by Primary Weakness\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2025-02-13T20:00:50.048Z\"}, \"x_redhatCweChain\": \"CWE-305: Authentication Bypass by Primary Weakness\"}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-12582\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-13T20:00:50.048Z\", \"dateReserved\": \"2024-12-12T17:10:04.729Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2024-12-24T03:31:24.896Z\", \"assignerShortName\": \"redhat\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

rhsa-2025:1413

Vulnerability from csaf_redhat

Published

2025-02-13 13:36

Modified

2025-02-13 22:11

Summary

Red Hat Security Advisory: Updated service-interconnect rhel9 container images for 1.8

Notes

Topic

Updated service-interconnect container images are now available for Service Interconnect 1.8 for RHEL 9.

Details

Users of service-interconnect 1.8 rhel9 container images are advised to upgrade to these updated images, which contain backported patches to correct security issues and fix bugs. Users of these images are also encouraged to rebuild all container images that depend on these images. You can find images updated by this advisory in the Red Hat Container Catalog

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated service-interconnect container images are now available for Service Interconnect 1.8 for RHEL 9.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Users of service-interconnect 1.8 rhel9 container images are advised\nto upgrade to these updated images, which contain backported patches to correct security issues and fix bugs. \nUsers of these images are also encouraged to rebuild all container images that depend on these images.\nYou can find images updated by this advisory in the Red Hat Container Catalog",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:1413",
        "url": "https://access.redhat.com/errata/RHSA-2025:1413"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://docs.redhat.com/en/documentation/red_hat_service_interconnect/1.8/",
        "url": "https://docs.redhat.com/en/documentation/red_hat_service_interconnect/1.8/"
      },
      {
        "category": "external",
        "summary": "SKUPPER-2421",
        "url": "https://issues.redhat.com/browse/SKUPPER-2421"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_1413.json"
      }
    ],
    "title": "Red Hat Security Advisory: Updated service-interconnect rhel9 container images for 1.8",
    "tracking": {
      "current_release_date": "2025-02-13T22:11:33+00:00",
      "generator": {
        "date": "2025-02-13T22:11:33+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.3.1"
        }
      },
      "id": "RHSA-2025:1413",
      "initial_release_date": "2025-02-13T13:36:26+00:00",
      "revision_history": [
        {
          "date": "2025-02-13T13:36:26+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-02-13T13:36:26+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-02-13T22:11:33+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Service Interconnect 1",
                "product": {
                  "name": "Red Hat Service Interconnect 1",
                  "product_id": "9Base-Service-Interconnect-1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:service_interconnect:1::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Service Interconnect"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-config-sync-rhel9@sha256:848deb2c27d84ce7498295e7c91b1c7d11a22c53692432ee1c21507eff24abbb_arm64",
                "product": {
                  "name": "service-interconnect/skupper-config-sync-rhel9@sha256:848deb2c27d84ce7498295e7c91b1c7d11a22c53692432ee1c21507eff24abbb_arm64",
                  "product_id": "service-interconnect/skupper-config-sync-rhel9@sha256:848deb2c27d84ce7498295e7c91b1c7d11a22c53692432ee1c21507eff24abbb_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-config-sync-rhel9@sha256:848deb2c27d84ce7498295e7c91b1c7d11a22c53692432ee1c21507eff24abbb?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-config-sync-rhel9\u0026tag=1.8.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-controller-podman-rhel9@sha256:2a2cd3547297ee363edcba7a167ac5088e5fae8bac79967a80fbb7686c9c6e3f_arm64",
                "product": {
                  "name": "service-interconnect/skupper-controller-podman-rhel9@sha256:2a2cd3547297ee363edcba7a167ac5088e5fae8bac79967a80fbb7686c9c6e3f_arm64",
                  "product_id": "service-interconnect/skupper-controller-podman-rhel9@sha256:2a2cd3547297ee363edcba7a167ac5088e5fae8bac79967a80fbb7686c9c6e3f_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-controller-podman-rhel9@sha256:2a2cd3547297ee363edcba7a167ac5088e5fae8bac79967a80fbb7686c9c6e3f?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-rhel9\u0026tag=1.8.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:2a2cd3547297ee363edcba7a167ac5088e5fae8bac79967a80fbb7686c9c6e3f_arm64",
                "product": {
                  "name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:2a2cd3547297ee363edcba7a167ac5088e5fae8bac79967a80fbb7686c9c6e3f_arm64",
                  "product_id": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:2a2cd3547297ee363edcba7a167ac5088e5fae8bac79967a80fbb7686c9c6e3f_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-controller-podman-container-rhel9@sha256:2a2cd3547297ee363edcba7a167ac5088e5fae8bac79967a80fbb7686c9c6e3f?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-container-rhel9\u0026tag=1.8.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:a440c928d04936f0967ff1a8bdef1ff415b8f4fab452fe810672513b0f104fc2_arm64",
                "product": {
                  "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:a440c928d04936f0967ff1a8bdef1ff415b8f4fab452fe810672513b0f104fc2_arm64",
                  "product_id": "service-interconnect/skupper-flow-collector-rhel9@sha256:a440c928d04936f0967ff1a8bdef1ff415b8f4fab452fe810672513b0f104fc2_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-flow-collector-rhel9@sha256:a440c928d04936f0967ff1a8bdef1ff415b8f4fab452fe810672513b0f104fc2?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-flow-collector-rhel9\u0026tag=1.8.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-operator-bundle@sha256:7c7cb0a599234ad47c58009568ace604cdf3f1f812f71577b2ec526a79a83090_arm64",
                "product": {
                  "name": "service-interconnect/skupper-operator-bundle@sha256:7c7cb0a599234ad47c58009568ace604cdf3f1f812f71577b2ec526a79a83090_arm64",
                  "product_id": "service-interconnect/skupper-operator-bundle@sha256:7c7cb0a599234ad47c58009568ace604cdf3f1f812f71577b2ec526a79a83090_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-operator-bundle@sha256:7c7cb0a599234ad47c58009568ace604cdf3f1f812f71577b2ec526a79a83090?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-operator-bundle\u0026tag=1.8.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-router-rhel9@sha256:50a9ad352a792093ab7be06bce7a698d7c58cba350d0d80cd889f4b4f1cef9a3_arm64",
                "product": {
                  "name": "service-interconnect/skupper-router-rhel9@sha256:50a9ad352a792093ab7be06bce7a698d7c58cba350d0d80cd889f4b4f1cef9a3_arm64",
                  "product_id": "service-interconnect/skupper-router-rhel9@sha256:50a9ad352a792093ab7be06bce7a698d7c58cba350d0d80cd889f4b4f1cef9a3_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-router-rhel9@sha256:50a9ad352a792093ab7be06bce7a698d7c58cba350d0d80cd889f4b4f1cef9a3?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-router-rhel9\u0026tag=2.7.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-service-controller-rhel9@sha256:b4ac5e4968bc953384410bfe4a98678e501f9672fdb999c2dcf91ce1fdf83f0e_arm64",
                "product": {
                  "name": "service-interconnect/skupper-service-controller-rhel9@sha256:b4ac5e4968bc953384410bfe4a98678e501f9672fdb999c2dcf91ce1fdf83f0e_arm64",
                  "product_id": "service-interconnect/skupper-service-controller-rhel9@sha256:b4ac5e4968bc953384410bfe4a98678e501f9672fdb999c2dcf91ce1fdf83f0e_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-service-controller-rhel9@sha256:b4ac5e4968bc953384410bfe4a98678e501f9672fdb999c2dcf91ce1fdf83f0e?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-service-controller-rhel9\u0026tag=1.8.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-site-controller-rhel9@sha256:bad620d6b8756c20b4b5b2d033f2d5b6a08423aafe80bb399c37fa55dc76af4e_arm64",
                "product": {
                  "name": "service-interconnect/skupper-site-controller-rhel9@sha256:bad620d6b8756c20b4b5b2d033f2d5b6a08423aafe80bb399c37fa55dc76af4e_arm64",
                  "product_id": "service-interconnect/skupper-site-controller-rhel9@sha256:bad620d6b8756c20b4b5b2d033f2d5b6a08423aafe80bb399c37fa55dc76af4e_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-site-controller-rhel9@sha256:bad620d6b8756c20b4b5b2d033f2d5b6a08423aafe80bb399c37fa55dc76af4e?arch=arm64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-site-controller-rhel9\u0026tag=1.8.3-1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-config-sync-rhel9@sha256:7618fc19f3325851020ec9c1b6552592a0c2484ba238c0bfb469340a310df37e_s390x",
                "product": {
                  "name": "service-interconnect/skupper-config-sync-rhel9@sha256:7618fc19f3325851020ec9c1b6552592a0c2484ba238c0bfb469340a310df37e_s390x",
                  "product_id": "service-interconnect/skupper-config-sync-rhel9@sha256:7618fc19f3325851020ec9c1b6552592a0c2484ba238c0bfb469340a310df37e_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-config-sync-rhel9@sha256:7618fc19f3325851020ec9c1b6552592a0c2484ba238c0bfb469340a310df37e?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-config-sync-rhel9\u0026tag=1.8.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-controller-podman-rhel9@sha256:66bb656c87675a77a6f470d3a111198f9ff1e633220c4a6a15712c3e812944a5_s390x",
                "product": {
                  "name": "service-interconnect/skupper-controller-podman-rhel9@sha256:66bb656c87675a77a6f470d3a111198f9ff1e633220c4a6a15712c3e812944a5_s390x",
                  "product_id": "service-interconnect/skupper-controller-podman-rhel9@sha256:66bb656c87675a77a6f470d3a111198f9ff1e633220c4a6a15712c3e812944a5_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-controller-podman-rhel9@sha256:66bb656c87675a77a6f470d3a111198f9ff1e633220c4a6a15712c3e812944a5?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-rhel9\u0026tag=1.8.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:66bb656c87675a77a6f470d3a111198f9ff1e633220c4a6a15712c3e812944a5_s390x",
                "product": {
                  "name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:66bb656c87675a77a6f470d3a111198f9ff1e633220c4a6a15712c3e812944a5_s390x",
                  "product_id": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:66bb656c87675a77a6f470d3a111198f9ff1e633220c4a6a15712c3e812944a5_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-controller-podman-container-rhel9@sha256:66bb656c87675a77a6f470d3a111198f9ff1e633220c4a6a15712c3e812944a5?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-container-rhel9\u0026tag=1.8.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:bb15e3fa38da5cf8bd1a792bd96eac1851c654eb5b48bd4069b630aa91fbf7dc_s390x",
                "product": {
                  "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:bb15e3fa38da5cf8bd1a792bd96eac1851c654eb5b48bd4069b630aa91fbf7dc_s390x",
                  "product_id": "service-interconnect/skupper-flow-collector-rhel9@sha256:bb15e3fa38da5cf8bd1a792bd96eac1851c654eb5b48bd4069b630aa91fbf7dc_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-flow-collector-rhel9@sha256:bb15e3fa38da5cf8bd1a792bd96eac1851c654eb5b48bd4069b630aa91fbf7dc?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-flow-collector-rhel9\u0026tag=1.8.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-router-rhel9@sha256:1f7bf2aa04958ac29c92331c76d83df6d3536bd6c46c0d1ffdda162bba06ccea_s390x",
                "product": {
                  "name": "service-interconnect/skupper-router-rhel9@sha256:1f7bf2aa04958ac29c92331c76d83df6d3536bd6c46c0d1ffdda162bba06ccea_s390x",
                  "product_id": "service-interconnect/skupper-router-rhel9@sha256:1f7bf2aa04958ac29c92331c76d83df6d3536bd6c46c0d1ffdda162bba06ccea_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-router-rhel9@sha256:1f7bf2aa04958ac29c92331c76d83df6d3536bd6c46c0d1ffdda162bba06ccea?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-router-rhel9\u0026tag=2.7.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-service-controller-rhel9@sha256:8bf67875e0da525ebab54adeeb99b58f0be32b6000b89a68436c774cf6f77356_s390x",
                "product": {
                  "name": "service-interconnect/skupper-service-controller-rhel9@sha256:8bf67875e0da525ebab54adeeb99b58f0be32b6000b89a68436c774cf6f77356_s390x",
                  "product_id": "service-interconnect/skupper-service-controller-rhel9@sha256:8bf67875e0da525ebab54adeeb99b58f0be32b6000b89a68436c774cf6f77356_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-service-controller-rhel9@sha256:8bf67875e0da525ebab54adeeb99b58f0be32b6000b89a68436c774cf6f77356?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-service-controller-rhel9\u0026tag=1.8.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-site-controller-rhel9@sha256:530d4208f5730eee653060965590eb64a938480e37fdcfc26d42154cd7f06e6c_s390x",
                "product": {
                  "name": "service-interconnect/skupper-site-controller-rhel9@sha256:530d4208f5730eee653060965590eb64a938480e37fdcfc26d42154cd7f06e6c_s390x",
                  "product_id": "service-interconnect/skupper-site-controller-rhel9@sha256:530d4208f5730eee653060965590eb64a938480e37fdcfc26d42154cd7f06e6c_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-site-controller-rhel9@sha256:530d4208f5730eee653060965590eb64a938480e37fdcfc26d42154cd7f06e6c?arch=s390x\u0026repository_url=registry.redhat.io/service-interconnect/skupper-site-controller-rhel9\u0026tag=1.8.3-1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-config-sync-rhel9@sha256:9a778e9671bf2358a82157a71a5a44bdff5994011055da7b282385f2749ebcad_amd64",
                "product": {
                  "name": "service-interconnect/skupper-config-sync-rhel9@sha256:9a778e9671bf2358a82157a71a5a44bdff5994011055da7b282385f2749ebcad_amd64",
                  "product_id": "service-interconnect/skupper-config-sync-rhel9@sha256:9a778e9671bf2358a82157a71a5a44bdff5994011055da7b282385f2749ebcad_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-config-sync-rhel9@sha256:9a778e9671bf2358a82157a71a5a44bdff5994011055da7b282385f2749ebcad?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-config-sync-rhel9\u0026tag=1.8.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-controller-podman-rhel9@sha256:f62c2aeb6596726982a64dc26fff41be472621534a0a9be378c01886a0cbef07_amd64",
                "product": {
                  "name": "service-interconnect/skupper-controller-podman-rhel9@sha256:f62c2aeb6596726982a64dc26fff41be472621534a0a9be378c01886a0cbef07_amd64",
                  "product_id": "service-interconnect/skupper-controller-podman-rhel9@sha256:f62c2aeb6596726982a64dc26fff41be472621534a0a9be378c01886a0cbef07_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-controller-podman-rhel9@sha256:f62c2aeb6596726982a64dc26fff41be472621534a0a9be378c01886a0cbef07?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-rhel9\u0026tag=1.8.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:f62c2aeb6596726982a64dc26fff41be472621534a0a9be378c01886a0cbef07_amd64",
                "product": {
                  "name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:f62c2aeb6596726982a64dc26fff41be472621534a0a9be378c01886a0cbef07_amd64",
                  "product_id": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:f62c2aeb6596726982a64dc26fff41be472621534a0a9be378c01886a0cbef07_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-controller-podman-container-rhel9@sha256:f62c2aeb6596726982a64dc26fff41be472621534a0a9be378c01886a0cbef07?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-container-rhel9\u0026tag=1.8.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:8fff312ea23c1efa9350feb0ff8c25049bc5ab2d9dbbaa42700048143156faa0_amd64",
                "product": {
                  "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:8fff312ea23c1efa9350feb0ff8c25049bc5ab2d9dbbaa42700048143156faa0_amd64",
                  "product_id": "service-interconnect/skupper-flow-collector-rhel9@sha256:8fff312ea23c1efa9350feb0ff8c25049bc5ab2d9dbbaa42700048143156faa0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-flow-collector-rhel9@sha256:8fff312ea23c1efa9350feb0ff8c25049bc5ab2d9dbbaa42700048143156faa0?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-flow-collector-rhel9\u0026tag=1.8.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-operator-bundle@sha256:77167367a239f6b6f74c72f42a9ec000388ef4d4ad0b2db801cff90087bbef5f_amd64",
                "product": {
                  "name": "service-interconnect/skupper-operator-bundle@sha256:77167367a239f6b6f74c72f42a9ec000388ef4d4ad0b2db801cff90087bbef5f_amd64",
                  "product_id": "service-interconnect/skupper-operator-bundle@sha256:77167367a239f6b6f74c72f42a9ec000388ef4d4ad0b2db801cff90087bbef5f_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-operator-bundle@sha256:77167367a239f6b6f74c72f42a9ec000388ef4d4ad0b2db801cff90087bbef5f?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-operator-bundle\u0026tag=1.8.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-router-rhel9@sha256:bc7ae0d5ece311d421fbe83ea279939b9d8e025ee7bd39acc85d8d6a2d245945_amd64",
                "product": {
                  "name": "service-interconnect/skupper-router-rhel9@sha256:bc7ae0d5ece311d421fbe83ea279939b9d8e025ee7bd39acc85d8d6a2d245945_amd64",
                  "product_id": "service-interconnect/skupper-router-rhel9@sha256:bc7ae0d5ece311d421fbe83ea279939b9d8e025ee7bd39acc85d8d6a2d245945_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-router-rhel9@sha256:bc7ae0d5ece311d421fbe83ea279939b9d8e025ee7bd39acc85d8d6a2d245945?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-router-rhel9\u0026tag=2.7.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-service-controller-rhel9@sha256:7f3d7c8e5c8b6470985fa3b360ea51266110b9a37f93215f15d330d05998518d_amd64",
                "product": {
                  "name": "service-interconnect/skupper-service-controller-rhel9@sha256:7f3d7c8e5c8b6470985fa3b360ea51266110b9a37f93215f15d330d05998518d_amd64",
                  "product_id": "service-interconnect/skupper-service-controller-rhel9@sha256:7f3d7c8e5c8b6470985fa3b360ea51266110b9a37f93215f15d330d05998518d_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-service-controller-rhel9@sha256:7f3d7c8e5c8b6470985fa3b360ea51266110b9a37f93215f15d330d05998518d?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-service-controller-rhel9\u0026tag=1.8.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-site-controller-rhel9@sha256:f16e6cd907804fb1743f01100eb11c32de9da8c65e6d47c8f4e69d1cac69bbaf_amd64",
                "product": {
                  "name": "service-interconnect/skupper-site-controller-rhel9@sha256:f16e6cd907804fb1743f01100eb11c32de9da8c65e6d47c8f4e69d1cac69bbaf_amd64",
                  "product_id": "service-interconnect/skupper-site-controller-rhel9@sha256:f16e6cd907804fb1743f01100eb11c32de9da8c65e6d47c8f4e69d1cac69bbaf_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-site-controller-rhel9@sha256:f16e6cd907804fb1743f01100eb11c32de9da8c65e6d47c8f4e69d1cac69bbaf?arch=amd64\u0026repository_url=registry.redhat.io/service-interconnect/skupper-site-controller-rhel9\u0026tag=1.8.3-1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-config-sync-rhel9@sha256:1295e200d17990691eafb81b27cf3470b450144c3ad722e21df9538fcbc7c208_ppc64le",
                "product": {
                  "name": "service-interconnect/skupper-config-sync-rhel9@sha256:1295e200d17990691eafb81b27cf3470b450144c3ad722e21df9538fcbc7c208_ppc64le",
                  "product_id": "service-interconnect/skupper-config-sync-rhel9@sha256:1295e200d17990691eafb81b27cf3470b450144c3ad722e21df9538fcbc7c208_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-config-sync-rhel9@sha256:1295e200d17990691eafb81b27cf3470b450144c3ad722e21df9538fcbc7c208?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-config-sync-rhel9\u0026tag=1.8.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-controller-podman-rhel9@sha256:516d3996965709f1a89b7e2692666dd3b92b671a04c58dd583c74724fa942f74_ppc64le",
                "product": {
                  "name": "service-interconnect/skupper-controller-podman-rhel9@sha256:516d3996965709f1a89b7e2692666dd3b92b671a04c58dd583c74724fa942f74_ppc64le",
                  "product_id": "service-interconnect/skupper-controller-podman-rhel9@sha256:516d3996965709f1a89b7e2692666dd3b92b671a04c58dd583c74724fa942f74_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-controller-podman-rhel9@sha256:516d3996965709f1a89b7e2692666dd3b92b671a04c58dd583c74724fa942f74?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-rhel9\u0026tag=1.8.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:516d3996965709f1a89b7e2692666dd3b92b671a04c58dd583c74724fa942f74_ppc64le",
                "product": {
                  "name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:516d3996965709f1a89b7e2692666dd3b92b671a04c58dd583c74724fa942f74_ppc64le",
                  "product_id": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:516d3996965709f1a89b7e2692666dd3b92b671a04c58dd583c74724fa942f74_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-controller-podman-container-rhel9@sha256:516d3996965709f1a89b7e2692666dd3b92b671a04c58dd583c74724fa942f74?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-controller-podman-container-rhel9\u0026tag=1.8.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:42b2af616a922f72a65a7ab5a02e2506282699e18ddc647155141d658c7b93f9_ppc64le",
                "product": {
                  "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:42b2af616a922f72a65a7ab5a02e2506282699e18ddc647155141d658c7b93f9_ppc64le",
                  "product_id": "service-interconnect/skupper-flow-collector-rhel9@sha256:42b2af616a922f72a65a7ab5a02e2506282699e18ddc647155141d658c7b93f9_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-flow-collector-rhel9@sha256:42b2af616a922f72a65a7ab5a02e2506282699e18ddc647155141d658c7b93f9?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-flow-collector-rhel9\u0026tag=1.8.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-router-rhel9@sha256:2da7ebec8102961bb46959befff852bf8c677dacec34cec88f98cfde3f660259_ppc64le",
                "product": {
                  "name": "service-interconnect/skupper-router-rhel9@sha256:2da7ebec8102961bb46959befff852bf8c677dacec34cec88f98cfde3f660259_ppc64le",
                  "product_id": "service-interconnect/skupper-router-rhel9@sha256:2da7ebec8102961bb46959befff852bf8c677dacec34cec88f98cfde3f660259_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-router-rhel9@sha256:2da7ebec8102961bb46959befff852bf8c677dacec34cec88f98cfde3f660259?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-router-rhel9\u0026tag=2.7.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-service-controller-rhel9@sha256:f2f7f9a189fafa00681d180d54513bfc25182784a9a66e43b66872f463f9bedc_ppc64le",
                "product": {
                  "name": "service-interconnect/skupper-service-controller-rhel9@sha256:f2f7f9a189fafa00681d180d54513bfc25182784a9a66e43b66872f463f9bedc_ppc64le",
                  "product_id": "service-interconnect/skupper-service-controller-rhel9@sha256:f2f7f9a189fafa00681d180d54513bfc25182784a9a66e43b66872f463f9bedc_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-service-controller-rhel9@sha256:f2f7f9a189fafa00681d180d54513bfc25182784a9a66e43b66872f463f9bedc?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-service-controller-rhel9\u0026tag=1.8.3-1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "service-interconnect/skupper-site-controller-rhel9@sha256:eb5a7e71df9727634403fc9d06357d9b51371d4fe3630116917e57b04a446cae_ppc64le",
                "product": {
                  "name": "service-interconnect/skupper-site-controller-rhel9@sha256:eb5a7e71df9727634403fc9d06357d9b51371d4fe3630116917e57b04a446cae_ppc64le",
                  "product_id": "service-interconnect/skupper-site-controller-rhel9@sha256:eb5a7e71df9727634403fc9d06357d9b51371d4fe3630116917e57b04a446cae_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/skupper-site-controller-rhel9@sha256:eb5a7e71df9727634403fc9d06357d9b51371d4fe3630116917e57b04a446cae?arch=ppc64le\u0026repository_url=registry.redhat.io/service-interconnect/skupper-site-controller-rhel9\u0026tag=1.8.3-1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-config-sync-rhel9@sha256:1295e200d17990691eafb81b27cf3470b450144c3ad722e21df9538fcbc7c208_ppc64le as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:1295e200d17990691eafb81b27cf3470b450144c3ad722e21df9538fcbc7c208_ppc64le"
        },
        "product_reference": "service-interconnect/skupper-config-sync-rhel9@sha256:1295e200d17990691eafb81b27cf3470b450144c3ad722e21df9538fcbc7c208_ppc64le",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-config-sync-rhel9@sha256:7618fc19f3325851020ec9c1b6552592a0c2484ba238c0bfb469340a310df37e_s390x as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7618fc19f3325851020ec9c1b6552592a0c2484ba238c0bfb469340a310df37e_s390x"
        },
        "product_reference": "service-interconnect/skupper-config-sync-rhel9@sha256:7618fc19f3325851020ec9c1b6552592a0c2484ba238c0bfb469340a310df37e_s390x",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-config-sync-rhel9@sha256:848deb2c27d84ce7498295e7c91b1c7d11a22c53692432ee1c21507eff24abbb_arm64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:848deb2c27d84ce7498295e7c91b1c7d11a22c53692432ee1c21507eff24abbb_arm64"
        },
        "product_reference": "service-interconnect/skupper-config-sync-rhel9@sha256:848deb2c27d84ce7498295e7c91b1c7d11a22c53692432ee1c21507eff24abbb_arm64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-config-sync-rhel9@sha256:9a778e9671bf2358a82157a71a5a44bdff5994011055da7b282385f2749ebcad_amd64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:9a778e9671bf2358a82157a71a5a44bdff5994011055da7b282385f2749ebcad_amd64"
        },
        "product_reference": "service-interconnect/skupper-config-sync-rhel9@sha256:9a778e9671bf2358a82157a71a5a44bdff5994011055da7b282385f2749ebcad_amd64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:2a2cd3547297ee363edcba7a167ac5088e5fae8bac79967a80fbb7686c9c6e3f_arm64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2a2cd3547297ee363edcba7a167ac5088e5fae8bac79967a80fbb7686c9c6e3f_arm64"
        },
        "product_reference": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:2a2cd3547297ee363edcba7a167ac5088e5fae8bac79967a80fbb7686c9c6e3f_arm64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:516d3996965709f1a89b7e2692666dd3b92b671a04c58dd583c74724fa942f74_ppc64le as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:516d3996965709f1a89b7e2692666dd3b92b671a04c58dd583c74724fa942f74_ppc64le"
        },
        "product_reference": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:516d3996965709f1a89b7e2692666dd3b92b671a04c58dd583c74724fa942f74_ppc64le",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:66bb656c87675a77a6f470d3a111198f9ff1e633220c4a6a15712c3e812944a5_s390x as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:66bb656c87675a77a6f470d3a111198f9ff1e633220c4a6a15712c3e812944a5_s390x"
        },
        "product_reference": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:66bb656c87675a77a6f470d3a111198f9ff1e633220c4a6a15712c3e812944a5_s390x",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:f62c2aeb6596726982a64dc26fff41be472621534a0a9be378c01886a0cbef07_amd64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:f62c2aeb6596726982a64dc26fff41be472621534a0a9be378c01886a0cbef07_amd64"
        },
        "product_reference": "service-interconnect/skupper-controller-podman-container-rhel9@sha256:f62c2aeb6596726982a64dc26fff41be472621534a0a9be378c01886a0cbef07_amd64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-controller-podman-rhel9@sha256:2a2cd3547297ee363edcba7a167ac5088e5fae8bac79967a80fbb7686c9c6e3f_arm64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2a2cd3547297ee363edcba7a167ac5088e5fae8bac79967a80fbb7686c9c6e3f_arm64"
        },
        "product_reference": "service-interconnect/skupper-controller-podman-rhel9@sha256:2a2cd3547297ee363edcba7a167ac5088e5fae8bac79967a80fbb7686c9c6e3f_arm64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-controller-podman-rhel9@sha256:516d3996965709f1a89b7e2692666dd3b92b671a04c58dd583c74724fa942f74_ppc64le as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:516d3996965709f1a89b7e2692666dd3b92b671a04c58dd583c74724fa942f74_ppc64le"
        },
        "product_reference": "service-interconnect/skupper-controller-podman-rhel9@sha256:516d3996965709f1a89b7e2692666dd3b92b671a04c58dd583c74724fa942f74_ppc64le",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-controller-podman-rhel9@sha256:66bb656c87675a77a6f470d3a111198f9ff1e633220c4a6a15712c3e812944a5_s390x as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:66bb656c87675a77a6f470d3a111198f9ff1e633220c4a6a15712c3e812944a5_s390x"
        },
        "product_reference": "service-interconnect/skupper-controller-podman-rhel9@sha256:66bb656c87675a77a6f470d3a111198f9ff1e633220c4a6a15712c3e812944a5_s390x",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-controller-podman-rhel9@sha256:f62c2aeb6596726982a64dc26fff41be472621534a0a9be378c01886a0cbef07_amd64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:f62c2aeb6596726982a64dc26fff41be472621534a0a9be378c01886a0cbef07_amd64"
        },
        "product_reference": "service-interconnect/skupper-controller-podman-rhel9@sha256:f62c2aeb6596726982a64dc26fff41be472621534a0a9be378c01886a0cbef07_amd64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:42b2af616a922f72a65a7ab5a02e2506282699e18ddc647155141d658c7b93f9_ppc64le as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:42b2af616a922f72a65a7ab5a02e2506282699e18ddc647155141d658c7b93f9_ppc64le"
        },
        "product_reference": "service-interconnect/skupper-flow-collector-rhel9@sha256:42b2af616a922f72a65a7ab5a02e2506282699e18ddc647155141d658c7b93f9_ppc64le",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:8fff312ea23c1efa9350feb0ff8c25049bc5ab2d9dbbaa42700048143156faa0_amd64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8fff312ea23c1efa9350feb0ff8c25049bc5ab2d9dbbaa42700048143156faa0_amd64"
        },
        "product_reference": "service-interconnect/skupper-flow-collector-rhel9@sha256:8fff312ea23c1efa9350feb0ff8c25049bc5ab2d9dbbaa42700048143156faa0_amd64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:a440c928d04936f0967ff1a8bdef1ff415b8f4fab452fe810672513b0f104fc2_arm64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:a440c928d04936f0967ff1a8bdef1ff415b8f4fab452fe810672513b0f104fc2_arm64"
        },
        "product_reference": "service-interconnect/skupper-flow-collector-rhel9@sha256:a440c928d04936f0967ff1a8bdef1ff415b8f4fab452fe810672513b0f104fc2_arm64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-flow-collector-rhel9@sha256:bb15e3fa38da5cf8bd1a792bd96eac1851c654eb5b48bd4069b630aa91fbf7dc_s390x as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:bb15e3fa38da5cf8bd1a792bd96eac1851c654eb5b48bd4069b630aa91fbf7dc_s390x"
        },
        "product_reference": "service-interconnect/skupper-flow-collector-rhel9@sha256:bb15e3fa38da5cf8bd1a792bd96eac1851c654eb5b48bd4069b630aa91fbf7dc_s390x",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-operator-bundle@sha256:77167367a239f6b6f74c72f42a9ec000388ef4d4ad0b2db801cff90087bbef5f_amd64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:77167367a239f6b6f74c72f42a9ec000388ef4d4ad0b2db801cff90087bbef5f_amd64"
        },
        "product_reference": "service-interconnect/skupper-operator-bundle@sha256:77167367a239f6b6f74c72f42a9ec000388ef4d4ad0b2db801cff90087bbef5f_amd64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-operator-bundle@sha256:7c7cb0a599234ad47c58009568ace604cdf3f1f812f71577b2ec526a79a83090_arm64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:7c7cb0a599234ad47c58009568ace604cdf3f1f812f71577b2ec526a79a83090_arm64"
        },
        "product_reference": "service-interconnect/skupper-operator-bundle@sha256:7c7cb0a599234ad47c58009568ace604cdf3f1f812f71577b2ec526a79a83090_arm64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-router-rhel9@sha256:1f7bf2aa04958ac29c92331c76d83df6d3536bd6c46c0d1ffdda162bba06ccea_s390x as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:1f7bf2aa04958ac29c92331c76d83df6d3536bd6c46c0d1ffdda162bba06ccea_s390x"
        },
        "product_reference": "service-interconnect/skupper-router-rhel9@sha256:1f7bf2aa04958ac29c92331c76d83df6d3536bd6c46c0d1ffdda162bba06ccea_s390x",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-router-rhel9@sha256:2da7ebec8102961bb46959befff852bf8c677dacec34cec88f98cfde3f660259_ppc64le as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:2da7ebec8102961bb46959befff852bf8c677dacec34cec88f98cfde3f660259_ppc64le"
        },
        "product_reference": "service-interconnect/skupper-router-rhel9@sha256:2da7ebec8102961bb46959befff852bf8c677dacec34cec88f98cfde3f660259_ppc64le",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-router-rhel9@sha256:50a9ad352a792093ab7be06bce7a698d7c58cba350d0d80cd889f4b4f1cef9a3_arm64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:50a9ad352a792093ab7be06bce7a698d7c58cba350d0d80cd889f4b4f1cef9a3_arm64"
        },
        "product_reference": "service-interconnect/skupper-router-rhel9@sha256:50a9ad352a792093ab7be06bce7a698d7c58cba350d0d80cd889f4b4f1cef9a3_arm64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-router-rhel9@sha256:bc7ae0d5ece311d421fbe83ea279939b9d8e025ee7bd39acc85d8d6a2d245945_amd64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:bc7ae0d5ece311d421fbe83ea279939b9d8e025ee7bd39acc85d8d6a2d245945_amd64"
        },
        "product_reference": "service-interconnect/skupper-router-rhel9@sha256:bc7ae0d5ece311d421fbe83ea279939b9d8e025ee7bd39acc85d8d6a2d245945_amd64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-service-controller-rhel9@sha256:7f3d7c8e5c8b6470985fa3b360ea51266110b9a37f93215f15d330d05998518d_amd64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:7f3d7c8e5c8b6470985fa3b360ea51266110b9a37f93215f15d330d05998518d_amd64"
        },
        "product_reference": "service-interconnect/skupper-service-controller-rhel9@sha256:7f3d7c8e5c8b6470985fa3b360ea51266110b9a37f93215f15d330d05998518d_amd64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-service-controller-rhel9@sha256:8bf67875e0da525ebab54adeeb99b58f0be32b6000b89a68436c774cf6f77356_s390x as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:8bf67875e0da525ebab54adeeb99b58f0be32b6000b89a68436c774cf6f77356_s390x"
        },
        "product_reference": "service-interconnect/skupper-service-controller-rhel9@sha256:8bf67875e0da525ebab54adeeb99b58f0be32b6000b89a68436c774cf6f77356_s390x",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-service-controller-rhel9@sha256:b4ac5e4968bc953384410bfe4a98678e501f9672fdb999c2dcf91ce1fdf83f0e_arm64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:b4ac5e4968bc953384410bfe4a98678e501f9672fdb999c2dcf91ce1fdf83f0e_arm64"
        },
        "product_reference": "service-interconnect/skupper-service-controller-rhel9@sha256:b4ac5e4968bc953384410bfe4a98678e501f9672fdb999c2dcf91ce1fdf83f0e_arm64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-service-controller-rhel9@sha256:f2f7f9a189fafa00681d180d54513bfc25182784a9a66e43b66872f463f9bedc_ppc64le as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:f2f7f9a189fafa00681d180d54513bfc25182784a9a66e43b66872f463f9bedc_ppc64le"
        },
        "product_reference": "service-interconnect/skupper-service-controller-rhel9@sha256:f2f7f9a189fafa00681d180d54513bfc25182784a9a66e43b66872f463f9bedc_ppc64le",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-site-controller-rhel9@sha256:530d4208f5730eee653060965590eb64a938480e37fdcfc26d42154cd7f06e6c_s390x as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:530d4208f5730eee653060965590eb64a938480e37fdcfc26d42154cd7f06e6c_s390x"
        },
        "product_reference": "service-interconnect/skupper-site-controller-rhel9@sha256:530d4208f5730eee653060965590eb64a938480e37fdcfc26d42154cd7f06e6c_s390x",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-site-controller-rhel9@sha256:bad620d6b8756c20b4b5b2d033f2d5b6a08423aafe80bb399c37fa55dc76af4e_arm64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:bad620d6b8756c20b4b5b2d033f2d5b6a08423aafe80bb399c37fa55dc76af4e_arm64"
        },
        "product_reference": "service-interconnect/skupper-site-controller-rhel9@sha256:bad620d6b8756c20b4b5b2d033f2d5b6a08423aafe80bb399c37fa55dc76af4e_arm64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-site-controller-rhel9@sha256:eb5a7e71df9727634403fc9d06357d9b51371d4fe3630116917e57b04a446cae_ppc64le as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:eb5a7e71df9727634403fc9d06357d9b51371d4fe3630116917e57b04a446cae_ppc64le"
        },
        "product_reference": "service-interconnect/skupper-site-controller-rhel9@sha256:eb5a7e71df9727634403fc9d06357d9b51371d4fe3630116917e57b04a446cae_ppc64le",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "service-interconnect/skupper-site-controller-rhel9@sha256:f16e6cd907804fb1743f01100eb11c32de9da8c65e6d47c8f4e69d1cac69bbaf_amd64 as a component of Red Hat Service Interconnect 1",
          "product_id": "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f16e6cd907804fb1743f01100eb11c32de9da8c65e6d47c8f4e69d1cac69bbaf_amd64"
        },
        "product_reference": "service-interconnect/skupper-site-controller-rhel9@sha256:f16e6cd907804fb1743f01100eb11c32de9da8c65e6d47c8f4e69d1cac69bbaf_amd64",
        "relates_to_product_reference": "9Base-Service-Interconnect-1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-12582",
      "cwe": {
        "id": "CWE-305",
        "name": "Authentication Bypass by Primary Weakness"
      },
      "discovery_date": "2024-12-20T17:33:05.858000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2333540"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the skupper console,  a read-only interface that renders cluster network, traffic details, and metrics for a network application that a user sets up across a hybrid multi-cloud environment. When the default authentication method is used, a random password is generated for the \"admin\" user and is persisted in either a Kubernetes secret or a podman volume in a plaintext file. This authentication method can be manipulated by an attacker, leading to the reading of any user-readable file in the container filesystem, directly impacting data confidentiality. Additionally, the attacker may induce skupper to read extremely large files into memory, resulting in resource exhaustion and a denial of service attack.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "skupper: skupper-cli: Flawed authentication method may lead to arbitrary file read or Denial of Service",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as an Important severity due to the risk of data confidentiality breaches and potential denial-of-service attacks where attackers can manipulate the default authentication method to access sensitive files and exhaust system resources by reading large files, affecting both data integrity and service availability in hybrid multi-cloud environments.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:1295e200d17990691eafb81b27cf3470b450144c3ad722e21df9538fcbc7c208_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7618fc19f3325851020ec9c1b6552592a0c2484ba238c0bfb469340a310df37e_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:848deb2c27d84ce7498295e7c91b1c7d11a22c53692432ee1c21507eff24abbb_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:9a778e9671bf2358a82157a71a5a44bdff5994011055da7b282385f2749ebcad_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2a2cd3547297ee363edcba7a167ac5088e5fae8bac79967a80fbb7686c9c6e3f_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:516d3996965709f1a89b7e2692666dd3b92b671a04c58dd583c74724fa942f74_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:66bb656c87675a77a6f470d3a111198f9ff1e633220c4a6a15712c3e812944a5_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:f62c2aeb6596726982a64dc26fff41be472621534a0a9be378c01886a0cbef07_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2a2cd3547297ee363edcba7a167ac5088e5fae8bac79967a80fbb7686c9c6e3f_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:516d3996965709f1a89b7e2692666dd3b92b671a04c58dd583c74724fa942f74_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:66bb656c87675a77a6f470d3a111198f9ff1e633220c4a6a15712c3e812944a5_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:f62c2aeb6596726982a64dc26fff41be472621534a0a9be378c01886a0cbef07_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:42b2af616a922f72a65a7ab5a02e2506282699e18ddc647155141d658c7b93f9_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8fff312ea23c1efa9350feb0ff8c25049bc5ab2d9dbbaa42700048143156faa0_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:a440c928d04936f0967ff1a8bdef1ff415b8f4fab452fe810672513b0f104fc2_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:bb15e3fa38da5cf8bd1a792bd96eac1851c654eb5b48bd4069b630aa91fbf7dc_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:77167367a239f6b6f74c72f42a9ec000388ef4d4ad0b2db801cff90087bbef5f_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:7c7cb0a599234ad47c58009568ace604cdf3f1f812f71577b2ec526a79a83090_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:1f7bf2aa04958ac29c92331c76d83df6d3536bd6c46c0d1ffdda162bba06ccea_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:2da7ebec8102961bb46959befff852bf8c677dacec34cec88f98cfde3f660259_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:50a9ad352a792093ab7be06bce7a698d7c58cba350d0d80cd889f4b4f1cef9a3_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:bc7ae0d5ece311d421fbe83ea279939b9d8e025ee7bd39acc85d8d6a2d245945_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:7f3d7c8e5c8b6470985fa3b360ea51266110b9a37f93215f15d330d05998518d_amd64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:8bf67875e0da525ebab54adeeb99b58f0be32b6000b89a68436c774cf6f77356_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:b4ac5e4968bc953384410bfe4a98678e501f9672fdb999c2dcf91ce1fdf83f0e_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:f2f7f9a189fafa00681d180d54513bfc25182784a9a66e43b66872f463f9bedc_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:530d4208f5730eee653060965590eb64a938480e37fdcfc26d42154cd7f06e6c_s390x",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:bad620d6b8756c20b4b5b2d033f2d5b6a08423aafe80bb399c37fa55dc76af4e_arm64",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:eb5a7e71df9727634403fc9d06357d9b51371d4fe3630116917e57b04a446cae_ppc64le",
          "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f16e6cd907804fb1743f01100eb11c32de9da8c65e6d47c8f4e69d1cac69bbaf_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-12582"
        },
        {
          "category": "external",
          "summary": "RHBZ#2333540",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333540"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-12582",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-12582"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-12582",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12582"
        }
      ],
      "release_date": "2024-12-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-02-13T13:36:26+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:1295e200d17990691eafb81b27cf3470b450144c3ad722e21df9538fcbc7c208_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7618fc19f3325851020ec9c1b6552592a0c2484ba238c0bfb469340a310df37e_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:848deb2c27d84ce7498295e7c91b1c7d11a22c53692432ee1c21507eff24abbb_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:9a778e9671bf2358a82157a71a5a44bdff5994011055da7b282385f2749ebcad_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2a2cd3547297ee363edcba7a167ac5088e5fae8bac79967a80fbb7686c9c6e3f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:516d3996965709f1a89b7e2692666dd3b92b671a04c58dd583c74724fa942f74_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:66bb656c87675a77a6f470d3a111198f9ff1e633220c4a6a15712c3e812944a5_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:f62c2aeb6596726982a64dc26fff41be472621534a0a9be378c01886a0cbef07_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2a2cd3547297ee363edcba7a167ac5088e5fae8bac79967a80fbb7686c9c6e3f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:516d3996965709f1a89b7e2692666dd3b92b671a04c58dd583c74724fa942f74_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:66bb656c87675a77a6f470d3a111198f9ff1e633220c4a6a15712c3e812944a5_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:f62c2aeb6596726982a64dc26fff41be472621534a0a9be378c01886a0cbef07_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:42b2af616a922f72a65a7ab5a02e2506282699e18ddc647155141d658c7b93f9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8fff312ea23c1efa9350feb0ff8c25049bc5ab2d9dbbaa42700048143156faa0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:a440c928d04936f0967ff1a8bdef1ff415b8f4fab452fe810672513b0f104fc2_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:bb15e3fa38da5cf8bd1a792bd96eac1851c654eb5b48bd4069b630aa91fbf7dc_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:77167367a239f6b6f74c72f42a9ec000388ef4d4ad0b2db801cff90087bbef5f_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:7c7cb0a599234ad47c58009568ace604cdf3f1f812f71577b2ec526a79a83090_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:1f7bf2aa04958ac29c92331c76d83df6d3536bd6c46c0d1ffdda162bba06ccea_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:2da7ebec8102961bb46959befff852bf8c677dacec34cec88f98cfde3f660259_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:50a9ad352a792093ab7be06bce7a698d7c58cba350d0d80cd889f4b4f1cef9a3_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:bc7ae0d5ece311d421fbe83ea279939b9d8e025ee7bd39acc85d8d6a2d245945_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:7f3d7c8e5c8b6470985fa3b360ea51266110b9a37f93215f15d330d05998518d_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:8bf67875e0da525ebab54adeeb99b58f0be32b6000b89a68436c774cf6f77356_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:b4ac5e4968bc953384410bfe4a98678e501f9672fdb999c2dcf91ce1fdf83f0e_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:f2f7f9a189fafa00681d180d54513bfc25182784a9a66e43b66872f463f9bedc_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:530d4208f5730eee653060965590eb64a938480e37fdcfc26d42154cd7f06e6c_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:bad620d6b8756c20b4b5b2d033f2d5b6a08423aafe80bb399c37fa55dc76af4e_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:eb5a7e71df9727634403fc9d06357d9b51371d4fe3630116917e57b04a446cae_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f16e6cd907804fb1743f01100eb11c32de9da8c65e6d47c8f4e69d1cac69bbaf_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:1413"
        },
        {
          "category": "workaround",
          "details": "For users running skupper on Red Hat OpenShift, the OpenShift authentication should be used. Otherwise, use \"unsecured\" where authentication is not a primary concern.",
          "product_ids": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:1295e200d17990691eafb81b27cf3470b450144c3ad722e21df9538fcbc7c208_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7618fc19f3325851020ec9c1b6552592a0c2484ba238c0bfb469340a310df37e_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:848deb2c27d84ce7498295e7c91b1c7d11a22c53692432ee1c21507eff24abbb_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:9a778e9671bf2358a82157a71a5a44bdff5994011055da7b282385f2749ebcad_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2a2cd3547297ee363edcba7a167ac5088e5fae8bac79967a80fbb7686c9c6e3f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:516d3996965709f1a89b7e2692666dd3b92b671a04c58dd583c74724fa942f74_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:66bb656c87675a77a6f470d3a111198f9ff1e633220c4a6a15712c3e812944a5_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:f62c2aeb6596726982a64dc26fff41be472621534a0a9be378c01886a0cbef07_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2a2cd3547297ee363edcba7a167ac5088e5fae8bac79967a80fbb7686c9c6e3f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:516d3996965709f1a89b7e2692666dd3b92b671a04c58dd583c74724fa942f74_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:66bb656c87675a77a6f470d3a111198f9ff1e633220c4a6a15712c3e812944a5_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:f62c2aeb6596726982a64dc26fff41be472621534a0a9be378c01886a0cbef07_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:42b2af616a922f72a65a7ab5a02e2506282699e18ddc647155141d658c7b93f9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8fff312ea23c1efa9350feb0ff8c25049bc5ab2d9dbbaa42700048143156faa0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:a440c928d04936f0967ff1a8bdef1ff415b8f4fab452fe810672513b0f104fc2_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:bb15e3fa38da5cf8bd1a792bd96eac1851c654eb5b48bd4069b630aa91fbf7dc_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:77167367a239f6b6f74c72f42a9ec000388ef4d4ad0b2db801cff90087bbef5f_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:7c7cb0a599234ad47c58009568ace604cdf3f1f812f71577b2ec526a79a83090_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:1f7bf2aa04958ac29c92331c76d83df6d3536bd6c46c0d1ffdda162bba06ccea_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:2da7ebec8102961bb46959befff852bf8c677dacec34cec88f98cfde3f660259_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:50a9ad352a792093ab7be06bce7a698d7c58cba350d0d80cd889f4b4f1cef9a3_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:bc7ae0d5ece311d421fbe83ea279939b9d8e025ee7bd39acc85d8d6a2d245945_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:7f3d7c8e5c8b6470985fa3b360ea51266110b9a37f93215f15d330d05998518d_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:8bf67875e0da525ebab54adeeb99b58f0be32b6000b89a68436c774cf6f77356_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:b4ac5e4968bc953384410bfe4a98678e501f9672fdb999c2dcf91ce1fdf83f0e_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:f2f7f9a189fafa00681d180d54513bfc25182784a9a66e43b66872f463f9bedc_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:530d4208f5730eee653060965590eb64a938480e37fdcfc26d42154cd7f06e6c_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:bad620d6b8756c20b4b5b2d033f2d5b6a08423aafe80bb399c37fa55dc76af4e_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:eb5a7e71df9727634403fc9d06357d9b51371d4fe3630116917e57b04a446cae_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f16e6cd907804fb1743f01100eb11c32de9da8c65e6d47c8f4e69d1cac69bbaf_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:1295e200d17990691eafb81b27cf3470b450144c3ad722e21df9538fcbc7c208_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:7618fc19f3325851020ec9c1b6552592a0c2484ba238c0bfb469340a310df37e_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:848deb2c27d84ce7498295e7c91b1c7d11a22c53692432ee1c21507eff24abbb_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-config-sync-rhel9@sha256:9a778e9671bf2358a82157a71a5a44bdff5994011055da7b282385f2749ebcad_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:2a2cd3547297ee363edcba7a167ac5088e5fae8bac79967a80fbb7686c9c6e3f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:516d3996965709f1a89b7e2692666dd3b92b671a04c58dd583c74724fa942f74_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:66bb656c87675a77a6f470d3a111198f9ff1e633220c4a6a15712c3e812944a5_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-container-rhel9@sha256:f62c2aeb6596726982a64dc26fff41be472621534a0a9be378c01886a0cbef07_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:2a2cd3547297ee363edcba7a167ac5088e5fae8bac79967a80fbb7686c9c6e3f_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:516d3996965709f1a89b7e2692666dd3b92b671a04c58dd583c74724fa942f74_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:66bb656c87675a77a6f470d3a111198f9ff1e633220c4a6a15712c3e812944a5_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-controller-podman-rhel9@sha256:f62c2aeb6596726982a64dc26fff41be472621534a0a9be378c01886a0cbef07_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:42b2af616a922f72a65a7ab5a02e2506282699e18ddc647155141d658c7b93f9_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:8fff312ea23c1efa9350feb0ff8c25049bc5ab2d9dbbaa42700048143156faa0_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:a440c928d04936f0967ff1a8bdef1ff415b8f4fab452fe810672513b0f104fc2_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-flow-collector-rhel9@sha256:bb15e3fa38da5cf8bd1a792bd96eac1851c654eb5b48bd4069b630aa91fbf7dc_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:77167367a239f6b6f74c72f42a9ec000388ef4d4ad0b2db801cff90087bbef5f_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-operator-bundle@sha256:7c7cb0a599234ad47c58009568ace604cdf3f1f812f71577b2ec526a79a83090_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:1f7bf2aa04958ac29c92331c76d83df6d3536bd6c46c0d1ffdda162bba06ccea_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:2da7ebec8102961bb46959befff852bf8c677dacec34cec88f98cfde3f660259_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:50a9ad352a792093ab7be06bce7a698d7c58cba350d0d80cd889f4b4f1cef9a3_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-router-rhel9@sha256:bc7ae0d5ece311d421fbe83ea279939b9d8e025ee7bd39acc85d8d6a2d245945_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:7f3d7c8e5c8b6470985fa3b360ea51266110b9a37f93215f15d330d05998518d_amd64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:8bf67875e0da525ebab54adeeb99b58f0be32b6000b89a68436c774cf6f77356_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:b4ac5e4968bc953384410bfe4a98678e501f9672fdb999c2dcf91ce1fdf83f0e_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-service-controller-rhel9@sha256:f2f7f9a189fafa00681d180d54513bfc25182784a9a66e43b66872f463f9bedc_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:530d4208f5730eee653060965590eb64a938480e37fdcfc26d42154cd7f06e6c_s390x",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:bad620d6b8756c20b4b5b2d033f2d5b6a08423aafe80bb399c37fa55dc76af4e_arm64",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:eb5a7e71df9727634403fc9d06357d9b51371d4fe3630116917e57b04a446cae_ppc64le",
            "9Base-Service-Interconnect-1:service-interconnect/skupper-site-controller-rhel9@sha256:f16e6cd907804fb1743f01100eb11c32de9da8c65e6d47c8f4e69d1cac69bbaf_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "skupper: skupper-cli: Flawed authentication method may lead to arbitrary file read or Denial of Service"
    }
  ]
}

fkie_cve-2024-12582

Vulnerability from fkie_nvd

Published

2024-12-24 04:15

Modified

2025-02-13 14:15

Severity ?

7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H

Summary

References

▼	URL	Tags
	secalert@redhat.com	https://access.redhat.com/errata/RHSA-2025:1413
	secalert@redhat.com	https://access.redhat.com/security/cve/CVE-2024-12582
	secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=2333540

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A flaw was found in the skupper console,  a read-only interface that renders cluster network, traffic details, and metrics for a network application that a user sets up across a hybrid multi-cloud environment. When the default authentication method is used, a random password is generated for the \"admin\" user and is persisted in either a Kubernetes secret or a podman volume in a plaintext file. This authentication method can be manipulated by an attacker, leading to the reading of any user-readable file in the container filesystem, directly impacting data confidentiality. Additionally, the attacker may induce skupper to read extremely large files into memory, resulting in resource exhaustion and a denial of service attack."
    },
    {
      "lang": "es",
      "value": "Se encontr\u00f3 una falla en la consola del cl\u00faster, una interfaz de solo lectura que muestra la red del cl\u00faster, detalles de tr\u00e1fico y m\u00e9tricas para una aplicaci\u00f3n de red que un usuario configura en un entorno h\u00edbrido de m\u00faltiples nubes. Cuando se utiliza el m\u00e9todo de autenticaci\u00f3n predeterminado, se genera una contrase\u00f1a aleatoria para el usuario \"admin\" y se conserva en un secreto de Kubernetes o en un volumen podman en un archivo de texto plano. Este m\u00e9todo de autenticaci\u00f3n puede ser manipulado por un atacante, lo que lleva a la lectura de cualquier archivo legible por el usuario en el sistema de archivos contenedor, lo que afecta directamente la confidencialidad de los datos. Adem\u00e1s, el atacante puede inducir a la recopilaci\u00f3n a leer archivos extremadamente grandes en la memoria, lo que provoca el agotamiento de los recursos y un ataque de denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2024-12582",
  "lastModified": "2025-02-13T14:15:28.700",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.2,
        "source": "secalert@redhat.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-12-24T04:15:05.137",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:1413"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/security/cve/CVE-2024-12582"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333540"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-305"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    }
  ]
}

ghsa-jwxc-5ch3-vxqq

Vulnerability from github

Published

2024-12-24 06:30

Modified

2025-02-13 15:31

Severity ?

7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-12582"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-305"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-12-24T04:15:05Z",
    "severity": "HIGH"
  },
  "details": "A flaw was found in the skupper console,  a read-only interface that renders cluster network, traffic details, and metrics for a network application that a user sets up across a hybrid multi-cloud environment. When the default authentication method is used, a random password is generated for the \"admin\" user and is persisted in either a Kubernetes secret or a podman volume in a plaintext file. This authentication method can be manipulated by an attacker, leading to the reading of any user-readable file in the container filesystem, directly impacting data confidentiality. Additionally, the attacker may induce skupper to read extremely large files into memory, resulting in resource exhaustion and a denial of service attack.",
  "id": "GHSA-jwxc-5ch3-vxqq",
  "modified": "2025-02-13T15:31:22Z",
  "published": "2024-12-24T06:30:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12582"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2025:1413"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2024-12582"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333540"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2024-12582

Vulnerability from cvelistv5

rhsa-2025:1413

Vulnerability from csaf_redhat

fkie_cve-2024-12582

Vulnerability from fkie_nvd

ghsa-jwxc-5ch3-vxqq

Vulnerability from github

Tags

Sightings

Nomenclature