CVE-2023-3893
CVSS V2 None
CVSS V3 None
Description
A security issue was discovered in Kubernetes where a user that can
create pods on Windows nodes running kubernetes-csi-proxy may be able to
escalate to admin privileges on those nodes. Kubernetes clusters are
only affected if they include Windows nodes running
kubernetes-csi-proxy.
Overview
- CVE ID
- CVE-2023-3893
- Assigner
- kubernetes
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-11-03T17:34:10.188Z
- Last Modified Date
- 2023-11-03T17:34:10.188Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://github.com/kubernetes/kubernetes/issues/119594 | issue-tracking |
https://groups.google.com/g/kubernetes-security-announce/c/lWksE2BoCyQ | mailing-list |
https://security.netapp.com/advisory/ntap-20231221-0004/ |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-3893 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3893 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-06-24 21:15:48 | Added to TrackCVE |