CVE-2023-3676

EUVD-2023-2686
A security issue was discovered in Kubernetes where a user
 that can create pods on Windows nodes may be able to escalate to admin 
privileges on those nodes. Kubernetes clusters are only affected if they
 include Windows nodes.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
kubernetesCNA
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 97%
Affected Products (NVD)
VendorProductVersion
kuberneteskubernetes
𝑥
< 1.24.17
kuberneteskubernetes
1.25.0 ≤
𝑥
< 1.25.13
kuberneteskubernetes
1.26.0 ≤
𝑥
< 1.26.8
kuberneteskubernetes
1.27.0 ≤
𝑥
< 1.27.5
kuberneteskubernetes
1.28.0 ≤
𝑥
< 1.28.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
kubernetes
bookworm
1.20.5+really1.20.2-1.1
fixed
bullseye
1.20.5+really1.20.2-1
fixed
sid
1.20.5+really1.20.2-1.1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
kubernetes
focal
needs-triage
jammy
needs-triage
noble
needs-triage
oracular
needs-triage
Common Weakness Enumeration
References
https://github.com/kubernetes/kubernetes/issues/119339
https://groups.google.com/g/kubernetes-security-announce/c/d_fvHZ9a5zc
https://security.netapp.com/advisory/ntap-20231130-0007/
https://github.com/kubernetes/kubernetes/issues/119339
https://groups.google.com/g/kubernetes-security-announce/c/d_fvHZ9a5zc
https://security.netapp.com/advisory/ntap-20231130-0007/