A security issue was discovered in Kubernetes where a user
that can create pods on Windows nodes may be able to escalate to admin
privileges on those nodes. Kubernetes clusters are only affected if they
include Windows nodes.
References
| Link | Resource |
|---|---|
| https://groups.google.com/g/kubernetes-security-announce/c/d_fvHZ9a5zc | Third Party Advisory |
| https://github.com/kubernetes/kubernetes/issues/119339 | Exploit Mitigation Patch Third Party Advisory |
| https://security.netapp.com/advisory/ntap-20231130-0007/ |
Configurations
Configuration 1 (hide)
| AND |
|
Information
Published : 2023-10-31 21:15
Updated : 2023-11-30 22:15
NVD link : CVE-2023-3676
Mitre link : CVE-2023-3676
JSON object : View
Products Affected
microsoft
- windows
kubernetes
- kubernetes
CWE
CWE-20
Improper Input Validation