PT-2023-4575 · Unknown+2 · Kubernetes+1

Tomer Peled

Publicado

2023-08-23

Atualizado

2024-12-18

CVE-2023-3676

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Kubernetes (affected versions not specified)

Description A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes. The vulnerability allows for remote code execution (RCE) on Windows endpoints. An attacker with 'apply' privileges can inject arbitrary code that gets executed on Windows machines with SYSTEM privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Improper Privilege Management

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20CWE-269

Identificadores relacionados

ALT-PU-2023-6188

ALT-PU-2023-6420

BDU:2023-04982

BDU:2023-04983

CVE-2023-3676

GHSA-7FXM-F474-HF8W

GO-2023-2330

OPENSUSE-SU-2024:14599-1

Produtos afetados

Alt Linux

Kubernetes

PT-2023-4575 · Unknown+2 · Kubernetes+1

CVE-2023-3676

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 108