Vulnerabilites related to Kubernetes - kubelet
cve-2025-0426
Vulnerability from cvelistv5
Published
2025-02-13 15:16
Modified
2025-02-13 17:02
Severity ?
EPSS score ?
Summary
A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/kubernetes/kubernetes/issues/130016 | issue-tracking | |
| https://groups.google.com/g/kubernetes-security-announce/c/KiODfu8i6w8 | mailing-list |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kubernetes | kubelet |
Version: 1.32.0 ≤ 1.32.1 Version: 1.31.0 ≤ 1.31.5 Version: 1.30.0 ≤ 1.30.9 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0426",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-13T16:29:18.956503Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-13T16:29:27.207Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-02-13T17:02:37.167Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/02/13/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "kubelet",
"repo": "https://github.com/kubernetes/kubernetes",
"vendor": "Kubernetes",
"versions": [
{
"lessThanOrEqual": "1.32.1",
"status": "affected",
"version": "1.32.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.31.5",
"status": "affected",
"version": "1.31.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.30.9",
"status": "affected",
"version": "1.30.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "1.32.2"
},
{
"status": "unaffected",
"version": "1.31.6"
},
{
"status": "unaffected",
"version": "1.30.10"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eOnly clusters \u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003erunning an affected version with the kubelet read-only HTTP port enabled and using a container runtime that supports the container checkpointing feature, such as CRI-O v1.25.0+ (with \u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003eenable_criu_support\u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003e\u0026nbsp;set to \u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003etrue\u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003e) or containerd v2.0+ with \u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003ecriu\u003c/span\u003e\u003cspan style=\"background-color: transparent;\"\u003e\u0026nbsp;installed, are affected.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Only clusters running an affected version with the kubelet read-only HTTP port enabled and using a container runtime that supports the container checkpointing feature, such as CRI-O v1.25.0+ (with enable_criu_support\u00a0set to true) or containerd v2.0+ with criu\u00a0installed, are affected."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tim Allclair"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eA security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node\u0027s disk. \u003c/span\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node\u0027s disk."
}
],
"impacts": [
{
"capecId": "CAPEC-125",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-125 Flooding"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-13T15:16:13.703Z",
"orgId": "a6081bf6-c852-4425-ad4f-a67919267565",
"shortName": "kubernetes"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/kubernetes/kubernetes/issues/130016"
},
{
"tags": [
"mailing-list"
],
"url": "https://groups.google.com/g/kubernetes-security-announce/c/KiODfu8i6w8"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a6081bf6-c852-4425-ad4f-a67919267565",
"assignerShortName": "kubernetes",
"cveId": "CVE-2025-0426",
"datePublished": "2025-02-13T15:16:13.703Z",
"dateReserved": "2025-01-13T15:08:34.825Z",
"dateUpdated": "2025-02-13T17:02:37.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-5528
Vulnerability from cvelistv5
Published
2023-11-14 20:32
Modified
2024-09-06 14:18
Severity ?
EPSS score ?
Summary
A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/kubernetes/kubernetes/issues/121879 | issue-tracking | |
| https://groups.google.com/g/kubernetes-security-announce/c/SL_d4NR8pzA | mailing-list |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kubernetes | kubelet |
Version: v1.28.0 ≤ v1.28.3 Version: v1.27.0 ≤ v1.27.7 Version: v1.26.0 ≤ v1.26.10 Version: 0 ≤ v1.25.15 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.808Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/kubernetes/kubernetes/issues/121879"
},
{
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://groups.google.com/g/kubernetes-security-announce/c/SL_d4NR8pzA"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4XZIX727JIKF5RQW7RVVBLWXBCDIBJA7/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7MPGMITSZXUCAVO7Q75675SOLXC2XXU4/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JH444PWZBINXLLFV7XLIJIZJHSK6UEZ/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240119-0009/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "kubelet",
"repo": "https://github.com/kubernetes/kubernetes",
"vendor": "Kubernetes",
"versions": [
{
"lessThanOrEqual": "v1.28.3",
"status": "affected",
"version": "v1.28.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "v1.27.7",
"status": "affected",
"version": "v1.27.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "v1.26.10",
"status": "affected",
"version": "v1.26.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "v1.25.15",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "v1.28.4"
},
{
"status": "unaffected",
"version": "v1.27.8"
},
{
"status": "unaffected",
"version": "v1.26.11"
},
{
"status": "unaffected",
"version": "v1.25.16"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Tomer Peled"
}
],
"datePublic": "2023-11-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes."
}
],
"value": "A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T14:18:44.918Z",
"orgId": "a6081bf6-c852-4425-ad4f-a67919267565",
"shortName": "kubernetes"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/kubernetes/kubernetes/issues/121879"
},
{
"tags": [
"mailing-list"
],
"url": "https://groups.google.com/g/kubernetes-security-announce/c/SL_d4NR8pzA"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Kubernetes - Windows nodes - Insufficient input sanitization in in-tree storage plugin leads to privilege escalation",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "a6081bf6-c852-4425-ad4f-a67919267565",
"assignerShortName": "kubernetes",
"cveId": "CVE-2023-5528",
"datePublished": "2023-11-14T20:32:08.411Z",
"dateReserved": "2023-10-11T16:12:14.212Z",
"dateUpdated": "2024-09-06T14:18:44.918Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-10220
Vulnerability from cvelistv5
Published
2024-11-22 16:23
Modified
2024-11-25 18:22
Severity ?
EPSS score ?
Summary
The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/kubernetes/kubernetes/issues/128885 | issue-tracking | |
| https://groups.google.com/g/kubernetes-security-announce/c/ptNgV5Necko | mailing-list |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kubernetes | kubelet |
Version: 0 ≤ 1.28.11 Version: 1.29.0 ≤ 1.29.6 Version: 1.30.0 ≤ 1.30.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-11-22T17:02:54.798Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/11/20/1"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:kubernetes:kubelet:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "kubelet",
"vendor": "kubernetes",
"versions": [
{
"lessThanOrEqual": "1.28.11",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "1.29.6",
"status": "affected",
"version": "1.29.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "1.30.2",
"status": "affected",
"version": "1.30.0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.31.0"
},
{
"status": "unaffected",
"version": "1.30.3"
},
{
"status": "unaffected",
"version": "1.29.7"
},
{
"status": "unaffected",
"version": "1.28.12"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-10220",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-25T18:21:04.320283Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-25T18:22:59.457Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "kubelet",
"repo": "https://github.com/kubernetes/kubernetes",
"vendor": "Kubernetes",
"versions": [
{
"lessThanOrEqual": "1.28.11",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.29.6",
"status": "affected",
"version": "1.29.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.30.2",
"status": "affected",
"version": "1.30.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "1.31.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "1.30.3"
},
{
"status": "unaffected",
"version": "1.29.7"
},
{
"status": "unaffected",
"version": "1.28.12"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Imre Rad"
},
{
"lang": "en",
"type": "remediation developer",
"value": "Imre Rad"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.\u003cp\u003eThis issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2.\u003c/p\u003e"
}
],
"value": "The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2."
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T16:23:00.535Z",
"orgId": "a6081bf6-c852-4425-ad4f-a67919267565",
"shortName": "kubernetes"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/kubernetes/kubernetes/issues/128885"
},
{
"tags": [
"mailing-list"
],
"url": "https://groups.google.com/g/kubernetes-security-announce/c/ptNgV5Necko"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Arbitrary command execution through gitRepo volume",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "a6081bf6-c852-4425-ad4f-a67919267565",
"assignerShortName": "kubernetes",
"cveId": "CVE-2024-10220",
"datePublished": "2024-11-22T16:23:00.535Z",
"dateReserved": "2024-10-21T18:56:00.535Z",
"dateUpdated": "2024-11-25T18:22:59.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-3676
Vulnerability from cvelistv5
Published
2023-10-31 20:22
Modified
2025-02-13 16:56
Severity ?
EPSS score ?
Summary
A security issue was discovered in Kubernetes where a user
that can create pods on Windows nodes may be able to escalate to admin
privileges on those nodes. Kubernetes clusters are only affected if they
include Windows nodes.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kubernetes | kubelet |
Version: v1.28.0 Version: v1.27.0 ≤ v1.27.4 Version: v1.26.0 ≤ v1.26.7 Version: v1.25.0 ≤ v1.25.12 Version: 0 ≤ v1.24.16 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:01:57.315Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/kubernetes/kubernetes/issues/119339"
},
{
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://groups.google.com/g/kubernetes-security-announce/c/d_fvHZ9a5zc"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231130-0007/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "kubelet",
"repo": "https://github.com/kubernetes/kubernetes",
"vendor": "Kubernetes",
"versions": [
{
"status": "affected",
"version": "v1.28.0"
},
{
"lessThanOrEqual": "v1.27.4",
"status": "affected",
"version": "v1.27.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "v1.26.7",
"status": "affected",
"version": "v1.26.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "v1.25.12",
"status": "affected",
"version": "v1.25.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "v1.28.1"
},
{
"status": "unaffected",
"version": "v1.27.5"
},
{
"status": "unaffected",
"version": "v1.26.8"
},
{
"status": "unaffected",
"version": "v1.25.13"
},
{
"status": "unaffected",
"version": "v1.24.17"
},
{
"lessThanOrEqual": "v1.24.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Tomer Peled"
}
],
"datePublic": "2023-08-23T04:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A security issue was discovered in Kubernetes where a user\n that can create pods on Windows nodes may be able to escalate to admin \nprivileges on those nodes. Kubernetes clusters are only affected if they\n include Windows nodes.\u003cbr\u003e"
}
],
"value": "A security issue was discovered in Kubernetes where a user\n that can create pods on Windows nodes may be able to escalate to admin \nprivileges on those nodes. Kubernetes clusters are only affected if they\n include Windows nodes."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-30T22:06:09.695Z",
"orgId": "a6081bf6-c852-4425-ad4f-a67919267565",
"shortName": "kubernetes"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/kubernetes/kubernetes/issues/119339"
},
{
"tags": [
"mailing-list"
],
"url": "https://groups.google.com/g/kubernetes-security-announce/c/d_fvHZ9a5zc"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231130-0007/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Kubernetes - Windows nodes - Insufficient input sanitization leads to privilege escalation",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "a6081bf6-c852-4425-ad4f-a67919267565",
"assignerShortName": "kubernetes",
"cveId": "CVE-2023-3676",
"datePublished": "2023-10-31T20:22:53.620Z",
"dateReserved": "2023-07-14T16:06:03.399Z",
"dateUpdated": "2025-02-13T16:56:23.622Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-3955
Vulnerability from cvelistv5
Published
2023-10-31 20:36
Modified
2025-02-13 17:03
Severity ?
EPSS score ?
Summary
A security issue was discovered in Kubernetes where a user
that can create pods on Windows nodes may be able to escalate to admin
privileges on those nodes. Kubernetes clusters are only affected if they
include Windows nodes.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kubernetes | kubelet |
Version: v1.28.0 Version: v1.27.0 ≤ v1.27.4 Version: v1.26.0 ≤ v1.26.7 Version: v1.25.0 ≤ v1.25.12 Version: 0 ≤ v1.24.16 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:08:50.695Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://github.com/kubernetes/kubernetes/issues/119595"
},
{
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://groups.google.com/g/kubernetes-security-announce/c/JrX4bb7d83E"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231221-0002/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:kubernetes:kubelet:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "kubelet",
"vendor": "kubernetes",
"versions": [
{
"status": "affected",
"version": "1.28.0"
},
{
"lessThanOrEqual": "1.27.4",
"status": "affected",
"version": "1.27.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.26.7",
"status": "affected",
"version": "1.26.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.25.12",
"status": "affected",
"version": "1.25.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "1.28.1"
},
{
"status": "unaffected",
"version": "1.27.5"
},
{
"status": "unaffected",
"version": "1.26.8"
},
{
"status": "unaffected",
"version": "1.25.13"
},
{
"status": "unaffected",
"version": "1.24.17"
},
{
"lessThanOrEqual": "1.24.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3955",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T17:15:32.217974Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T17:57:40.577Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "kubelet",
"repo": "https://github.com/kubernetes/kubernetes",
"vendor": "Kubernetes",
"versions": [
{
"status": "affected",
"version": "v1.28.0"
},
{
"lessThanOrEqual": "v1.27.4",
"status": "affected",
"version": "v1.27.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "v1.26.7",
"status": "affected",
"version": "v1.26.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "v1.25.12",
"status": "affected",
"version": "v1.25.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "v1.28.1"
},
{
"status": "unaffected",
"version": "v1.27.5"
},
{
"status": "unaffected",
"version": "v1.26.8"
},
{
"status": "unaffected",
"version": "v1.25.13"
},
{
"status": "unaffected",
"version": "v1.24.17"
},
{
"lessThanOrEqual": "v1.24.16",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "James Sturtevant"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Mark Rossetti"
}
],
"datePublic": "2023-08-23T04:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A security issue was discovered in Kubernetes where a user\n that can create pods on Windows nodes may be able to escalate to admin \nprivileges on those nodes. Kubernetes clusters are only affected if they\n include Windows nodes.\u003cbr\u003e"
}
],
"value": "A security issue was discovered in Kubernetes where a user\n that can create pods on Windows nodes may be able to escalate to admin \nprivileges on those nodes. Kubernetes clusters are only affected if they\n include Windows nodes."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-21T22:06:20.809Z",
"orgId": "a6081bf6-c852-4425-ad4f-a67919267565",
"shortName": "kubernetes"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/kubernetes/kubernetes/issues/119595"
},
{
"tags": [
"mailing-list"
],
"url": "https://groups.google.com/g/kubernetes-security-announce/c/JrX4bb7d83E"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231221-0002/"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Kubernetes - Windows nodes - Insufficient input sanitization leads to privilege escalation",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "a6081bf6-c852-4425-ad4f-a67919267565",
"assignerShortName": "kubernetes",
"cveId": "CVE-2023-3955",
"datePublished": "2023-10-31T20:36:54.352Z",
"dateReserved": "2023-07-26T13:51:11.192Z",
"dateUpdated": "2025-02-13T17:03:13.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}