Lucene search
PRIOn knowledge basePRION:CVE-2023-5528HistoryNov 14, 2023 - 9:15 p.m.
Security feature bypass
2023-11-1421:15:00
PRIOn knowledge base
www.prio-n.com
7
security bypass
kubernetes
admin privileges
in-tree storage
nvd
A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes.
| CPE | Name | Operator | Version |
|---|---|---|---|
| fedora | eq | 37 | |
| fedora | eq | 38 | |
| fedora | eq | 39 | |
| kubernetes | ge | 1.28.0 | |
| kubernetes | lt | 1.28.4 | |
| kubernetes | ge | 1.27.0 | |
| kubernetes | lt | 1.27.8 | |
| kubernetes | ge | 1.26.0 | |
| kubernetes | lt | 1.26.11 | |
| kubernetes | ge | 1.8.0 |
References
github.com/kubernetes/kubernetes/issues/121879
groups.google.com/g/kubernetes-security-announce/c/SL_d4NR8pzA
lists.fedoraproject.org/archives/list/[email protected]/message/3JH444PWZBINXLLFV7XLIJIZJHSK6UEZ/
lists.fedoraproject.org/archives/list/[email protected]/message/4XZIX727JIKF5RQW7RVVBLWXBCDIBJA7/
lists.fedoraproject.org/archives/list/[email protected]/message/7MPGMITSZXUCAVO7Q75675SOLXC2XXU4/
security.netapp.com/advisory/ntap-20240119-0009/
Related
openvas
openvas
Fedora: Security Advisory for kubernetes (FEDORA-2023-39ecb65aaf)
2023-11-28 00:00:00
Fedora: Security Advisory for kubernetes (FEDORA-2023-6ad09ef90b)
2023-11-25 00:00:00
Fedora: Security Advisory for kubernetes (FEDORA-2023-fbdb7e13df)
2023-11-28 00:00:00
nvd
nvd
CVE-2023-5528
2023-11-14 21:15:14
osv
osv
Kubernetes Improper Input Validation vulnerability
2023-11-14 21:31:03
CVE-2023-5528
2023-11-14 21:15:14
nessus
nessus
Fedora 38 : kubernetes (2023-39ecb65aaf)
2023-11-27 00:00:00
GLSA-202405-31 : Kubelet: Privilege Escalation
2024-05-12 00:00:00
Fedora 37 : kubernetes (2023-6ad09ef90b)
2023-11-24 00:00:00
gentoo
gentoo
Kubelet: Privilege Escalation
2024-05-12 00:00:00
redhatcve
redhatcve
CVE-2023-5528
2023-11-15 18:34:47
veracode
veracode
Improper Input Validation
2023-11-15 15:02:15
ubuntucve
ubuntucve
CVE-2023-5528
2023-11-14 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: kubernetes-1.25.16-1.fc37
2023-11-25 01:37:59
[SECURITY] Fedora 38 Update: kubernetes-1.26.11-1.fc38
2023-11-28 01:25:26
[SECURITY] Fedora 39 Update: kubernetes-1.27.8-1.fc39
2023-11-28 01:27:40
hackerone
hackerone
redhat
redhat
ibm
ibm
github
github
Kubernetes Improper Input Validation vulnerability
2023-11-14 21:31:03
cgr
cgr
CVE-2023-5528 vulnerabilities
2024-05-19 03:07:16
cve
cve
CVE-2023-5528
2023-11-14 21:15:14
cbl_mariner
cbl_mariner
CVE-2023-5528 affecting package kubernetes for versions less than 1.28.4-1
2023-12-07 15:29:15
CVE-2023-5528 affecting package kubernetes for versions less than 1.28.7-2
2024-03-19 17:21:46
wolfi
wolfi
CVE-2023-5528 vulnerabilities
2024-07-03 09:08:38
debiancve
debiancve
CVE-2023-5528
2023-11-14 21:15:14
redos
redos
ROS-20231122-01
2023-11-22 00:00:00
cvelist
cvelist
thn
thn