Skip to content

Commit

Permalink
CVE-2023-5528 (#20)
Browse files Browse the repository at this point in the history
  • Loading branch information
@RTann
RTann authored Nov 15, 2023
1 parent c6ca172 commit eaa514d
Showing 1 changed file with 20 additions and 0 deletions.
20 changes: 20 additions & 0 deletions cves/CVE-2023-5528.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
cve: CVE-2023-5528
issueUrl: https://github.com/kubernetes/kubernetes/issues/121879
published: 2023-11-14T00:00Z
description: |
A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes.
components:
- kubelet
cvss:
kubernetes:
scoreV3: 7.2
vectorV3: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
affected:
- range: ">= 1.8.0, < 1.25.16"
fixedBy: "1.25.16"
- range: ">= 1.26, < 1.26.11"
fixedBy: "1.26.11"
- range: ">= 1.27, < 1.27.8"
fixedBy: "1.27.8"
- range: ">= 1.28, < 1.28.4"
fixedBy: "1.28.4"

0 comments on commit eaa514d

Please sign in to comment.