CVE-2023-2878
CVSS V2 None
CVSS V3 None
Description
Kubernetes secrets-store-csi-driver in versions before 1.3.3 discloses service account tokens in logs.
Overview
- CVE ID
- CVE-2023-2878
- Assigner
- kubernetes
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-06-07T14:35:10.295Z
- Last Modified Date
- 2023-06-07T14:37:59.908Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://github.com/kubernetes/kubernetes/issues/118419 | issue-tracking |
| https://groups.google.com/g/kubernetes-security-announce/c/5K8ghQHBDdQ/m/Udee6YUgAAAJ | mailing-list |
| https://security.netapp.com/advisory/ntap-20230814-0003/ |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-2878 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2878 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-24 22:14:05 | Added to TrackCVE |