CVE-2023-5528

HIGH EPSS 87.9%
Published Nov 14, 2023 (2y ago) · Modified Jun 17, 2026 (1w ago)
8.8 CVSS 3.1
High

Description

A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes.

CVSS Details

Base Score: 8.8
Exploitability: 2.8
Impact: 5.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Threat Intelligence

EPSS Exploit Probability
87.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-20 Improper Input Validation

Affected Products 8

Vendor         Product     Version  Range
kubernetes     kubernetes  *        ≥1.8.0 – <1.25.16
kubernetes     kubernetes  *        ≥1.26.0 – <1.26.11
kubernetes     kubernetes  *        ≥1.27.0 – <1.27.8
kubernetes     kubernetes  *        ≥1.28.0 – <1.28.4
microsoft      windows     *        any
fedoraproject  fedora      37       any
fedoraproject  fedora      38       any
fedoraproject  fedora      39       any

References 6

  • github.com https://github.com/kubernetes/kubernetes/issues/121879
    Issue Tracking, Patch
  • groups.google.com https://groups.google.com/g/kubernetes-security-announce/c/SL_d4NR8pzA
    Mailing List
  • lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JH444PWZBINXLLFV7XLIJIZJHSK6UEZ/
    Patch, Release Notes
  • lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4XZIX727JIKF5RQW7RVVBLWXBCDIBJA7/
    Patch, Release Notes
  • lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7MPGMITSZXUCAVO7Q75675SOLXC2XXU4/
    Patch, Release Notes
  • security.netapp.com https://security.netapp.com/advisory/ntap-20240119-0009/
    Third Party Advisory

Remediation

  • github.com https://github.com/kubernetes/kubernetes/issues/121879
    Issue Tracking, Patch
  • lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JH444PWZBINXLLFV7XLIJIZJHSK6UEZ/
    Patch, Release Notes
  • lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4XZIX727JIKF5RQW7RVVBLWXBCDIBJA7/
    Patch, Release Notes
  • lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7MPGMITSZXUCAVO7Q75675SOLXC2XXU4/
    Patch, Release Notes