Red Hat Authorino Denial-of-Service Vulnerability via AuthPolicy

Vulnerability

A denial-of-service vulnerability has been identified in the Authorino service, specifically affecting Red Hat OpenShift Container Platform. This issue arises when a Developer persona interacts with an AuthPolicy that includes a sharedSecretRef, causing the Authorino service to become unresponsive. As a result, the evaluation of all AuthPolicies within the cluster is disrupted.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing the Authorino service to become unresponsive and interrupting the evaluation of AuthPolicies across the cluster.

Added: Jun 9, 2025, 6:21 AM

Updated: Jun 9, 2025, 6:21 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Red Hat Authorino Denial-of-Service Vulnerability via AuthPolicy

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating