PT-2023-4576 · Unknown+2 · Kubernetes+1

James Sturtevant

Publicado

2023-08-23

Atualizado

2024-12-18

CVE-2023-3955

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Kubernetes (affected versions not specified)

Description A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Improper Privilege Management

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20CWE-269

Identificadores relacionados

ALT-PU-2023-6188

ALT-PU-2023-6420

BDU:2023-04983

CVE-2023-3955

GHSA-Q78C-GWQW-JCMC

GO-2023-2170

OPENSUSE-SU-2024:14599-1

Produtos afetados

Alt Linux

Kubernetes

PT-2023-4576 · Unknown+2 · Kubernetes+1

CVE-2023-3955

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 75