CVE-2025-10725

Source
https://cve.org/CVERecord?id=CVE-2025-10725
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-10725.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-10725
Published
2025-09-30T17:47:08.577Z
Modified
2026-07-08T07:12:26.238494453Z
Severity
  • 9.9 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
Summary
Openshift-ai: overly permissive clusterrole allows authenticated users to escalate privileges to cluster admin
Details

A flaw was found in Red Hat Openshift AI Service. A low-privileged attacker with access to an authenticated account, for example as a data scientist using a standard Jupyter notebook, can escalate their privileges to a full cluster administrator. This allows for the complete compromise of the cluster's confidentiality, integrity, and availability. The attacker can steal sensitive data, disrupt all services, and take control of the underlying infrastructure, leading to a total breach of the platform and all applications hosted on it.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/10xxx/CVE-2025-10725.json",
    "cwe_ids": [
        "CWE-266"
    ],
    "cna_assigner": "redhat"
}
References

Affected packages

Git / github.com/opendatahub-io/opendatahub-operator

Affected ranges

Type
GIT
Repo
https://github.com/opendatahub-io/opendatahub-operator
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "source": [
        "AFFECTED_FIELD",
        "REFERENCES"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "3.0.0"
        }
    ]
}

Affected versions

0.*
0.8.0-experiment
v0.*
v0.0.1
v0.0.2
v0.0.3
v0.0.4
v0.0.5
v0.0.6
v0.0.7
v0.0.8
v0.0.9
v0.9.0
v0.9.1
v1.*
v1.0-rc.0
v1.0-rc.1
v1.0-rc.2
v1.0-rc.3
v1.0.0
v1.0.1
v1.0.10
v1.0.11
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.0.6
v1.0.7
v1.0.8
v1.0.9
v1.1-rc.0
v1.1.0
v1.1.2
v1.2.0
v1.3.0
v1.4.0
v1.4.1
v1.4.2
v1.5.0
v1.6.0
v2.*
v2.0.0
v2.1.0
v2.7.0
v2.8.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-10725.json"