Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2023-5528

Published: 14/11/2023 Updated: 19/01/2024
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Kubernetes

Vulnerability Summary

A security issue exists in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

kubernetes kubernetes

fedoraproject fedora 37

fedoraproject fedora 38

fedoraproject fedora 39

Vendor Advisories

Red Hat: Important: Red Hat OpenShift for Windows Containers 7.2.0 security update
Synopsis Important: Red Hat OpenShift for Windows Containers 720 security update Type/Severity Security Advisory: Important Topic An update for windows-machine-config-operator-bundle-container and windows-machine-config-operator-container is now available for Red Hat OpenShift Container Platform 412Red Hat Product Security has rated this ...
Red Hat: Important: Red Hat OpenShift for Windows Containers 8.1.1 security update
Synopsis Important: Red Hat OpenShift for Windows Containers 811 security update Type/Severity Security Advisory: Important Topic The components for Red Hat OpenShift for Windows Containers 811 are now available This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and wi ...
Red Hat: Important: Red Hat OpenShift for Windows Containers 6.0.3 security update
概要 Important: Red Hat OpenShift for Windows Containers 603 security update タイプ/重大度 Security Advisory: Important トピック An update for windows-machine-config-operator-bundle-container and windows-machine-config-operator-container is now available for Red Hat OpenShift Container Platform 411Red Hat Product Security has ...

References

NVD-CWE-noinfohttps://github.com/kubernetes/kubernetes/issues/121879https://groups.google.com/g/kubernetes-security-announce/c/SL_d4NR8pzAhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4XZIX727JIKF5RQW7RVVBLWXBCDIBJA7/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7MPGMITSZXUCAVO7Q75675SOLXC2XXU4/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JH444PWZBINXLLFV7XLIJIZJHSK6UEZ/https://security.netapp.com/advisory/ntap-20240119-0009/https://nvd.nist.govhttps://access.redhat.com/errata/RHSA-2023:7710
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversalCVE-2024-26978CVE-2024-26982wirelessCVE-2023-6949CVE-2024-26980CVE-2024-32766CVE-2024-26939cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook