Description
A privilege escalation vulnerability was found in the incluster-checks tool for OpenShift. The tool creates privileged debug pods with host filesystem access in the shared default namespace, where any user with the standard edit role can exec into them and obtain root access on cluster nodes.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
Mon, 13 Jul 2026 13:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A privilege escalation vulnerability was found in the incluster-checks tool for OpenShift. The tool creates privileged debug pods with host filesystem access in the shared default namespace, where any user with the standard edit role can exec into them and obtain root access on cluster nodes. | |
| Title | Redhatinsights/incluster-checks: incluster-checks: privileged host-chroot debug pods created in shared default namespace enable privilege escalation to node root | |
| First Time appeared |
Redhat
Redhat pdrive Lightspeed |
|
| Weaknesses | CWE-250 | |
| CPEs | cpe:/a:redhat:pdrive_lightspeed:1 | |
| Vendors & Products |
Redhat
Redhat pdrive Lightspeed |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2026-07-13T12:01:06.562Z
Reserved: 2026-07-13T11:47:02.045Z
Link: CVE-2026-15584
No data.
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses