CVE-2023-3955

Summary

A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes.

Affected Software

VendorProductVersion RangeStatus
Kuberneteskubeletv1.28.0affected
Kuberneteskubeletv1.27.0 <= v1.27.4affected
Kuberneteskubeletv1.26.0 <= v1.26.7affected
Kuberneteskubeletv1.25.0 <= v1.25.12affected
Kuberneteskubeletv1.28.1unaffected
Kuberneteskubeletv1.27.5unaffected
Kuberneteskubeletv1.26.8unaffected
Kuberneteskubeletv1.25.13unaffected
Kuberneteskubeletv1.24.17unaffected
Kuberneteskubelet0 <= v1.24.16affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References