CVE-2023-3893

A security issue was discovered in Kubernetes where a user that can 
create pods on Windows nodes running kubernetes-csi-proxy may be able to
 escalate to admin privileges on those nodes. Kubernetes clusters are 
only affected if they include Windows nodes running 
kubernetes-csi-proxy.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
kubernetesCNA
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 87%
VendorProductVersion
kubernetescsi_proxy
𝑥
≤ 1.1.2
kubernetescsi_proxy
2.0.0:alpha0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
kubernetes
bullseye
1.20.5+really1.20.2-1
fixed
sid
1.20.5+really1.20.2-1.1
fixed
bookworm
1.20.5+really1.20.2-1.1
fixed
Common Weakness Enumeration
References
https://github.com/kubernetes/kubernetes/issues/119594
https://groups.google.com/g/kubernetes-security-announce/c/lWksE2BoCyQ
https://security.netapp.com/advisory/ntap-20231221-0004/
https://github.com/kubernetes/kubernetes/issues/119594
https://groups.google.com/g/kubernetes-security-announce/c/lWksE2BoCyQ
https://security.netapp.com/advisory/ntap-20231221-0004/