REDHAT-BUG-2227126
First published: Fri Jul 28 2023(Updated: )
A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes. Any Kubernetes environment with Windows nodes is impacted. Run kubectl get nodes -l kubernetes.io/os=windows to see if any Windows nodes are in use.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Kubernetes Dashboard |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of REDHAT-BUG-2227126?
REDHAT-BUG-2227126 is considered a critical vulnerability as it allows privilege escalation on Windows nodes.
How do I fix REDHAT-BUG-2227126?
To fix REDHAT-BUG-2227126, upgrade your Kubernetes clusters that include Windows nodes to the latest patched version.
Who is affected by REDHAT-BUG-2227126?
Any Kubernetes environment that includes Windows nodes is affected by REDHAT-BUG-2227126.
What are the potential impacts of REDHAT-BUG-2227126?
The potential impact of REDHAT-BUG-2227126 includes unauthorized users gaining admin privileges on Windows nodes.
Is REDHAT-BUG-2227126 limited to certain Kubernetes versions?
REDHAT-BUG-2227126 affects all Kubernetes versions that support Windows nodes.
- agent/references
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-3676
- agent/source
- agent/severity
- agent/description
- agent/event
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/kubernetes
- canonical/kubernetes dashboard