CVE-2023-2431

Published: 16/06/2023 Updated: 01/07/2023
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 0

Vulnerability Summary

A security issue exists in Kubelet that allows pods to bypass seccomp profile enforcement. Pods that use the localhost type for their seccomp profile but specify an empty profile field are affected by this issue. In this scenario, the vulnerability allows the pod to run in unconfined (seccomp disabled) mode. This bug affects Kubelet.
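The following audit check is an added example, not code from the advisory or from the Kubernetes project. It flags Pod objects whose `seccompProfile` has `type: Localhost` with an empty `localhostProfile`, at pod level and per container. The sample pods are constructed, the function names are hypothetical, and treating a missing `localhostProfile` the same as an empty string is an assumption of this example.

```python
import json

# Constructed sample Pod objects (not taken from the advisory).
SAMPLE_PODS = json.loads("""
[
 {"metadata": {"name": "web-ok"},
  "spec": {"securityContext": {"seccompProfile":
             {"type": "Localhost", "localhostProfile": "profiles/audit.json"}},
           "containers": [{"name": "web"}]}},
 {"metadata": {"name": "batch-empty"},
  "spec": {"securityContext": {"seccompProfile":
             {"type": "Localhost", "localhostProfile": ""}},
           "containers": [{"name": "job"}]}},
 {"metadata": {"name": "mixed"},
  "spec": {"securityContext": {"seccompProfile": {"type": "RuntimeDefault"}},
           "containers": [
             {"name": "app"},
             {"name": "sidecar",
              "securityContext": {"seccompProfile": {"type": "Localhost"}}}]}}
]
""")

CONTAINER_LISTS = ("initContainers", "containers", "ephemeralContainers")

def is_empty_localhost(security_context):
    """True if the securityContext asks for a Localhost profile but names none."""
    profile = (security_context or {}).get("seccompProfile")
    if not isinstance(profile, dict) or profile.get("type") != "Localhost":
        return False
    # Assumption: a missing localhostProfile is treated like an empty string.
    return not profile.get("localhostProfile")

def find_empty_localhost_seccomp(pod):
    """Return the spec paths in one Pod object that match the affected pattern."""
    spec = pod.get("spec") or {}
    hits = []
    if is_empty_localhost(spec.get("securityContext")):
        hits.append("spec.securityContext")
    for kind in CONTAINER_LISTS:
        for container in spec.get(kind) or []:
            if is_empty_localhost(container.get("securityContext")):
                hits.append(f"spec.{kind}[{container.get('name', '?')}].securityContext")
    return hits

def audit(pods):
    """Map pod name -> affected paths, listing only pods with at least one hit."""
    report = {}
    for pod in pods:
        hits = find_empty_localhost_seccomp(pod)
        if hits:
            report[pod["metadata"]["name"]] = hits
    return report
```

To run it against a cluster, pass the `items` list from `kubectl get pods -A -o json` to `audit()`.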

Vulnerable Product

kubernetes kubernetes

fedoraproject fedora 38

Vendor Advisories

Description: The MITRE CVE dictionary describes this issue as: A security issue was discovered in Kubelet that allows pods to bypass the seccomp profile enforcement. Pods that use localhost type for seccomp profile but specify an empty profile field, are affected by this issue. In this scenario, this vulnerability allows the pod to run in unconfined ...

Github Repositories

k8s-vulnDB-collector: This open source project collects data from the k8s vulnerability advisory and parses it into a standard vulnerability doc in JSON format. Example: { "id": "CVE-2023-2431", "created_at": "2023-06-15T14:42:32Z", "summary": "Bypass of seccomp profile enforcement ", "component" ...