Lucene search
+L

118 matches found

Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.32 views

CBL Mariner 2.0 Security Update: kubernetes (CVE-2023-5528)

The version of kubernetes installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-5528 advisory. - A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on...

8.8CVSS7.6AI score0.03578EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/06/17 12:0 a.m.2 views

PT-2024-10046 · Rancher +2 · Rke2 +3

Name of the Vulnerable Software and Affected Versions: Rancher Manager versions prior to v2.8.9 RKE2 versions prior to v1.27.15 RKE2 versions prior to v1.28.11 RKE2 versions prior to v1.29.6 RKE2 versions prior to v1.30.2 Description: The issue is related to incorrect permission assignment for a...

9.9CVSS6.9AI score0.97781EPSS
Exploits21References149
Gentoo Linux
Gentoo Linux
added 2024/05/12 12:0 a.m.29 views

Kubelet: Privilege Escalation

Background Kubelet is a Kubernetes Node Agent. Description A vulnerability has been discovered in Kubelet. Please review the CVE identifier referenced below for details. Impact A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes...

8.8CVSS7.5AI score0.03578EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/05/12 12:0 a.m.26 views

GLSA-202405-31 : Kubelet: Privilege Escalation

The remote host is affected by the vulnerability described in GLSA-202405-31 Kubelet: Privilege Escalation - A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernet...

8.8CVSS7.5AI score0.03578EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/02/19 12:0 a.m.6 views

PT-2024-19165 · Rke2 +2 · Rke2 +2

Name of the Vulnerable Software and Affected Versions: Rancher versions 2.7.0 through 2.7.14 Rancher versions 2.8.0 through 2.8.7 Rancher versions 2.9.0 through 2.9.1 Description: A vulnerability has been identified within Rancher that can be exploited in narrow circumstances through a...

9.9CVSS6.4AI score0.97781EPSS
Exploits21References145
Tenable Nessus
Tenable Nessus
added 2023/11/27 12:0 a.m.26 views

Fedora 38 : kubernetes (2023-39ecb65aaf)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-39ecb65aaf advisory. Resolves CVE-2023-5528: Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes. Additional bug and regressi...

8.8CVSS7.5AI score0.03578EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/27 12:0 a.m.34 views

Fedora 39 : kubernetes (2023-fbdb7e13df)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-fbdb7e13df advisory. Resolves CVE-2023-5528: Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes. Additional bug and regressi...

8.8CVSS7.5AI score0.03578EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/24 12:0 a.m.21 views

Fedora 37 : kubernetes (2023-6ad09ef90b)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-6ad09ef90b advisory. Resolves CVE-2023-5528: Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes. Upstream change log at:...

8.8CVSS7.5AI score0.03578EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2023/11/20 8:0 a.m.3 views

Kubernetes - Windows nodes - Insufficient input sanitization in in-tree storage plugin leads to privilege escalation

...

8.8CVSS7.5AI score0.03578EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2023/11/15 6:34 p.m.38 views

CVE-2023-5528

A flaw was found in Kubernetes, where a user who can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes...

8.8CVSS7.4AI score0.03578EPSS
Exploits0References4
Veracode
Veracode
added 2023/11/15 3:2 p.m.19 views

Improper Input Validation

K8s.io/kubernetes is vulnerable to Improper Input Validation. The vulnerability exists due to insufficient input sanitization in the in-tree storage plugin for Windows nodes in mountwindows.go, allowing an attacker to bypass admin privileges on this node...

8.8CVSS7.1AI score0.03578EPSS
Exploits0References16Affected Software2
OSV
OSV
added 2023/11/14 9:31 p.m.17 views

GHSA-HQ6Q-C2X6-HMCH Kubernetes Improper Input Validation vulnerability

A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes...

8.8CVSS8.7AI score0.03578EPSS
Exploits0References13
NVD
NVD
added 2023/11/14 9:15 p.m.27 views

CVE-2023-5528

A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes...

8.8CVSS0.03578EPSS
Exploits0References6
OSV
OSV
added 2023/11/14 9:15 p.m.7 views

AZL-32005 CVE-2023-5528 affecting package kubernetes for versions less than 1.28.4-1

A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes...

8.8CVSS7.1AI score0.03578EPSS
Exploits0References1
OSV
OSV
added 2023/11/14 9:15 p.m.7 views

AZL-34894 CVE-2023-5528 affecting package kubernetes for versions less than 1.28.7-2

A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes...

8.8CVSS7.1AI score0.03578EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/11/14 9:15 p.m.42 views

CVE-2023-5528

A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes...

8.8CVSS7AI score0.03578EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/11/14 8:32 p.m.224 views

CVE-2023-5528 Kubernetes - Windows nodes - Insufficient input sanitization in in-tree storage plugin leads to privilege escalation

A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes...

7.2CVSS8.9AI score0.03578EPSS
Exploits0References2
OSV
OSV
added 2023/11/14 8:32 p.m.23 views

CVE-2023-5528 Kubernetes - Windows nodes - Insufficient input sanitization in in-tree storage plugin leads to privilege escalation

A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes...

7.2CVSS7AI score0.03578EPSS
Exploits0References9
Kubernetes Security Advisories
Kubernetes Security Advisories
added 2023/11/14 3:54 p.m.7 views

Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes

CVSS Rating: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H - HIGH 7.2 A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they ar...

8.8CVSS6.9AI score0.03578EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2023/11/14 12:0 a.m.9 views

Kubernetes Security Vulnerabilities

Kubernetes K8s is an open source system from the Cloud Native Computing Foundation for automating the deployment, scaling, and management of containerized applications. Kubernetes has a security vulnerability that stems from the fact that users who can create Pods and persistent volumes on Window...

8.8CVSS8.1AI score0.03578EPSS
Exploits0References5
Rows per page
Query Builder