A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
19 Jan 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
30 Nov 2023, 15:10
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:* |
|
References | () https://github.com/kubernetes/kubernetes/issues/121879 - Issue Tracking, Patch | |
References | () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JH444PWZBINXLLFV7XLIJIZJHSK6UEZ/ - Mailing List | |
References | () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4XZIX727JIKF5RQW7RVVBLWXBCDIBJA7/ - Mailing List | |
References | () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7MPGMITSZXUCAVO7Q75675SOLXC2XXU4/ - Mailing List | |
References | () https://groups.google.com/g/kubernetes-security-announce/c/SL_d4NR8pzA - Mailing List | |
First Time |
Fedoraproject
Kubernetes kubernetes Kubernetes Fedoraproject fedora |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
28 Nov 2023, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
25 Nov 2023, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
14 Nov 2023, 21:38
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-14 21:15
Updated : 2024-01-19 16:15
NVD link : CVE-2023-5528
Mitre link : CVE-2023-5528
CVE.ORG link : CVE-2023-5528
JSON object : View
Products Affected
fedoraproject
- fedora
kubernetes
- kubernetes
CWE