CVE-2023-5528

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-5528
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-5528.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-5528
Aliases
Related
Published
2023-11-14T21:15:14Z
Modified
2024-09-06T15:15:12Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes.

References

Affected packages

Git / github.com/kubernetes/kubelet

Affected ranges

Type
GIT
Repo
https://github.com/kubernetes/kubelet
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
e5e8c2b2f912d4676373464f023bc3495de84965