CVE-2026-42965: OpenShift Router SSRF via FQDN EndpointSlice
OpenShift Router contains a flaw that allows users with EndpointSlice write permissions to redirect traffic through the router to cloud metadata endpoints. By crafting a Service backed by an FQDN-based EndpointSlice pointing to a cloud metadata service, an attacker can intercept and read sensitive instance credentials and metadata that should never be exposed. This circumvents existing IP address validation protections designed to block such access.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 7.7 HIGH · CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
- Weaknesses (CWE)
- CWE-918
- Affected products
- 2 configuration(s)
- Published / Modified
- 2026-05-29 / 2026-06-30
NVD description (verbatim)
A flaw was found in the OpenShift Router. A user with EndpointSlice write access can exploit this vulnerability by creating a Service backed by an FQDN (Fully Qualified Domain Name) EndpointSlice that resolves to a cloud metadata endpoint. This allows the router to proxy requests to the cloud metadata endpoint, leading to the disclosure of instance credentials and other sensitive metadata. This bypasses previous security measures for validating IP addresses.
5 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
CVE-2026-42965 is a Server-Side Request Forgery (SSRF) vulnerability in Red Hat OpenShift Router stemming from insufficient validation of FQDN-based EndpointSlices. The vulnerability exploits the router's ability to proxy requests to arbitrary FQDNs when they back a Kubernetes Service. An authenticated user with EndpointSlice write access can create a malicious EndpointSlice that resolves to cloud metadata endpoints (e.g., AWS IMDSv2, Azure Instance Metadata Service, GCP metadata server). The router then proxies client requests to these endpoints, bypassing prior IP-based security controls. This enables credential and metadata disclosure at the network layer.
Business impact
Successful exploitation could lead to unauthorized disclosure of cloud instance credentials, service account tokens, and sensitive instance metadata. In containerized environments where applications often rely on cloud IAM for access control, stolen credentials create a pathway for lateral movement, privilege escalation, and persistent unauthorized access. Organizations running multi-tenant OpenShift clusters face heightened risk, as a single compromised namespace user could extract credentials affecting shared infrastructure and hosted workloads.
Affected systems
Red Hat OpenShift Container Platform and Red Hat OpenShift Router are affected. Vulnerability requires authenticated access with EndpointSlice write permissions; typically held by namespace administrators or service account operators. Single-tenant environments where access controls are strictly managed face lower risk than multi-tenant clusters or those with overly permissive role-based access control (RBAC) policies.
Exploitability
The vulnerability requires local (in-cluster) authentication and explicit write permissions to EndpointSlices, limiting the threat model to authenticated insiders, compromised service accounts, or users with misconfigured RBAC. No exploit is known to be public or weaponized. The attack requires direct interaction with the Kubernetes API, making it difficult to exploit remotely without prior cluster access. However, in environments where namespace users can create or modify Services and EndpointSlices, the technical barrier to exploitation is low.
Remediation
Apply security updates from Red Hat that implement stricter validation of FQDN resolution within EndpointSlices, specifically preventing resolution to known cloud metadata endpoints and internal/private IP address ranges. Additionally, enforce least-privilege RBAC policies to restrict EndpointSlice write permissions only to trusted operators and service accounts. Review and tighten network egress policies to block outbound connections to cloud metadata endpoints from the router namespace.
Patch guidance
Consult Red Hat Security Advisories (RHSA) for OpenShift Container Platform and OpenShift Router for the specific patch versions addressing this vulnerability. Patched versions will include enhanced validation logic that rejects or sanitizes FQDN EndpointSlices pointing to metadata services or private IP ranges. Apply patches according to your maintenance windows, prioritizing cluster administrators and multi-tenant environments. Test patches in non-production clusters first to ensure compatibility with existing Service and EndpointSlice configurations.
Detection guidance
Monitor Kubernetes audit logs for EndpointSlice creation or modification events, particularly those using FQDN-based endpoints pointing to unusual or private domains. Alert on Services backed by FQDNs that resolve to ranges commonly used for cloud metadata (e.g., 169.254.169.254 for AWS, 168.63.129.16 for Azure). Use network observability tools to detect router outbound connections to metadata endpoints. Implement webhook admission controllers to block or warn on suspicious EndpointSlice patterns in production namespaces.
Why prioritize this
This vulnerability merits immediate attention due to its HIGH severity score, the sensitive nature of cloud credentials, and the potential for significant lateral movement in containerized environments. Although it requires authentication, the combination of widespread cloud metadata exposure and the ease of exploitation by any user with basic EndpointSlice permissions makes it a credible internal threat. Organizations should patch before granting broad EndpointSlice write access or before operating multi-tenant clusters.
Risk score, explained
CVSS 3.1 score of 7.7 reflects a HIGH-severity issue with network-based attack vector, low attack complexity, and low privilege requirements balanced against local authentication requirements. The high confidentiality impact (C:H) reflects the sensitive nature of credentials and metadata at risk. No integrity or availability impact is scored, as the vulnerability enables read-only access to sensitive information without compromising data integrity or service availability.
Frequently asked questions
Who is at risk from this vulnerability?
Organizations running Red Hat OpenShift Container Platform or OpenShift Router are at risk. The threat is highest in multi-tenant clusters, development environments with relaxed access controls, or clusters where service accounts or developers have broad RBAC permissions to create or modify EndpointSlices. Single-tenant, tightly controlled environments face lower risk if EndpointSlice write access is restricted to cluster administrators.
Can this be exploited remotely without cluster access?
No. Exploitation requires authenticated access to the Kubernetes API with EndpointSlice write permissions. An attacker must either compromise a service account or user account with these permissions, or be an insider with legitimate cluster access. Remote exploitation without prior authentication or account compromise is not possible.
What credentials or data could be exposed?
Attackers could access cloud instance credentials (AWS temporary security credentials, Azure managed identity tokens, GCP service account keys), instance metadata (role names, tags, region information), and other sensitive configuration data stored in cloud metadata services. In a containerized environment, this could facilitate lateral movement or access to other cloud resources.
Are there interim mitigations if I cannot patch immediately?
Yes. Implement restrictive RBAC policies to minimize which users and service accounts can create or modify EndpointSlices. Deploy network policies or egress rules to block router traffic to cloud metadata endpoints (e.g., 169.254.169.254 for AWS). Use admission webhooks to reject or alert on suspicious FQDN-based EndpointSlice patterns. Monitor audit logs closely for anomalous EndpointSlice activity.
This analysis is based on publicly available vulnerability data as of the publication date. Patch availability, version numbers, and specific vendor guidance should be verified directly with Red Hat Security Advisories. This intelligence is provided for informational purposes to support security decision-making; organization-specific risk assessment, legal review, and testing are required before deployment of mitigations or patches. SEC.co makes no warranty regarding the completeness or accuracy of inferred technical details beyond the authoritative source data. Source: NVD (public-domain), retrieved 2026-07-07. Analysis generated by SEC.co (claude-haiku-4-5).
Related vulnerabilities
- CVE-2026-10068HIGHSSRF in Shibby Tomato 1.28 miniupnpd (Unmaintained)
- CVE-2026-10107HIGHMoviePilot v2 SSRF in Image Proxy Allows Internal Network Access
- CVE-2026-10280HIGHServer-Side Request Forgery in Horizon921 mcpilot 0.1.0
- CVE-2026-10287HIGHSSRF in SourceCodester SEO Meta Tag Extractor 1.0
- CVE-2026-10771HIGHCRMEB Java SSRF Vulnerability in QR Code Endpoint
- CVE-2026-42398HIGHKibana Webhook SSRF Vulnerability—Egress Allowlist Bypass
- CVE-2026-44285HIGHFastGPT SSRF Vulnerability in Dataset Preview Endpoint
- CVE-2026-10052MEDIUMQuay SSRF in LDAP/SMTP Validation—Internal Network Reconnaissance Risk