CVE-2023-3676

A security issue was discovered in Kubernetes where a user
 that can create pods on Windows nodes may be able to escalate to admin 
privileges on those nodes. Kubernetes clusters are only affected if they
 include Windows nodes.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
kubernetesCNA
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 97%
VendorProductVersion
kuberneteskubernetes
𝑥
< 1.24.17
kuberneteskubernetes
1.25.0 ≤
𝑥
< 1.25.13
kuberneteskubernetes
1.26.0 ≤
𝑥
< 1.26.8
kuberneteskubernetes
1.27.0 ≤
𝑥
< 1.27.5
kuberneteskubernetes
1.28.0 ≤
𝑥
< 1.28.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
kubernetes
bullseye
1.20.5+really1.20.2-1
fixed
bookworm
1.20.5+really1.20.2-1.1
fixed
sid
1.20.5+really1.20.2-1.1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
kubernetes
oracular
needs-triage
noble
needs-triage
jammy
needs-triage
focal
needs-triage
Common Weakness Enumeration
References
https://github.com/kubernetes/kubernetes/issues/119339
https://groups.google.com/g/kubernetes-security-announce/c/d_fvHZ9a5zc
https://security.netapp.com/advisory/ntap-20231130-0007/
https://github.com/kubernetes/kubernetes/issues/119339
https://groups.google.com/g/kubernetes-security-announce/c/d_fvHZ9a5zc
https://security.netapp.com/advisory/ntap-20231130-0007/