CVE-2023-3955

A security issue was discovered in Kubernetes where a user
 that can create pods on Windows nodes may be able to escalate to admin 
privileges on those nodes. Kubernetes clusters are only affected if they
 include Windows nodes.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
kuberneteskubernetes
𝑥
< 1.24.17
kuberneteskubernetes
1.25.0 ≤
𝑥
< 1.25.13
kuberneteskubernetes
1.26.0 ≤
𝑥
< 1.26.8
kuberneteskubernetes
1.27.0 ≤
𝑥
< 1.27.5
kuberneteskubernetes
1.28.0 ≤
𝑥
< 1.28.1
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
kuberneteskubelet
1.27.0 ≤
𝑥
≤ 1.27.4
ADP
kuberneteskubelet
1.26.0 ≤
𝑥
≤ 1.26.7
ADP
kuberneteskubelet
1.25.0 ≤
𝑥
≤ 1.25.12
ADP
kuberneteskubelet
𝑥
≤ 1.24.16
ADP
Debian logo
Debian Releases
Debian Product
Codename
kubernetes
bookworm
1.20.5+really1.20.2-1.1
fixed
bullseye
1.20.5+really1.20.2-1
fixed
sid
1.20.5+really1.20.2-1.1
fixed
Common Weakness Enumeration
References
https://github.com/kubernetes/kubernetes/issues/119595
https://groups.google.com/g/kubernetes-security-announce/c/JrX4bb7d83E
https://security.netapp.com/advisory/ntap-20231221-0002/
https://github.com/kubernetes/kubernetes/issues/119595
https://groups.google.com/g/kubernetes-security-announce/c/JrX4bb7d83E
https://security.netapp.com/advisory/ntap-20231221-0002/