OpenShift Lightspeed Service Unauthenticated API Flooding Vulnerability

Vulnerability

A vulnerability exists in the OpenShift Lightspeed Service due to the lack of authentication for API requests. This flaw allows unauthenticated users to flood the service with requests to non-existent endpoints, leading to an accumulation of metric data. The excessive resource consumption from this flooding can degrade application performance and disrupt monitoring systems. The issue causes increased usage of CPU, RAM, and disk space, which can result in service outages and destabilize the entire cluster.
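The following is an added example, not code from the OpenShift Lightspeed Service, showing how requests to non-existent endpoints can grow metric data without bound and how collapsing unmatched paths into one label bounds it. It assumes request metrics are labelled by request path, which the advisory does not state; the route names and the `RequestMetrics` class are hypothetical.

```python
from collections import Counter

# Hypothetical route table (assumption; not the service's real routes).
KNOWN_ROUTES = {"/v1/query", "/v1/feedback", "/readiness", "/metrics"}
UNMATCHED = "<unmatched>"


class RequestMetrics:
    """Counts requests per (method, path label, status) series."""

    def __init__(self, normalize, max_series=None):
        self.normalize = normalize      # collapse unknown paths to one label
        self.max_series = max_series    # optional hard cap on stored series
        self.series = Counter()
        self.dropped = 0                # observations refused by the cap

    def _path_label(self, path):
        if not self.normalize:
            return path                 # raw path: every new URL is a new series
        path = path.split("?", 1)[0]    # the query string never becomes a label
        return path if path in KNOWN_ROUTES else UNMATCHED

    def observe(self, method, path, status):
        key = (method, self._path_label(path), status)
        full = self.max_series is not None and len(self.series) >= self.max_series
        if key not in self.series and full:
            self.dropped += 1           # count the refusal, store nothing new
            return
        self.series[key] += 1


def simulate_flood(metrics, n):
    """Constructed traffic: n requests to distinct non-existent paths,
    followed by one legitimate request. Returns the stored series count."""
    for i in range(n):
        metrics.observe("GET", f"/nonexistent/{i}", 404)
    metrics.observe("POST", "/v1/query", 200)
    return len(metrics.series)


if __name__ == "__main__":
    for name, m in [("raw path label", RequestMetrics(normalize=False)),
                    ("cap only", RequestMetrics(normalize=False, max_series=100)),
                    ("normalized label", RequestMetrics(normalize=True))]:
        print(name, "series:", simulate_flood(m, 5000), "dropped:", m.dropped)
```

A cap on its own bounds memory but, once filled by junk paths, also rejects the series for legitimate routes; normalizing the label keeps both the count bounded and the real routes visible.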

Impact

Exploitation of this vulnerability can cause high CPU and memory usage, increased disk space consumption, and degradation of application performance and cluster stability, potentially leading to service unavailability.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 7.4
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.