REDHAT-BUG-2227128
First published: Fri Jul 28 2023(Updated: )
A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes. Any kubernetes environment with Windows nodes is impacted. Run kubectl get nodes -l kubernetes.io/os=windows to see if any Windows nodes are in use.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Kubernetes Dashboard |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of REDHAT-BUG-2227128?
REDHAT-BUG-2227128 is classified as a critical vulnerability due to the potential for privilege escalation on Kubernetes Windows nodes.
How do I fix REDHAT-BUG-2227128?
To mitigate REDHAT-BUG-2227128, update your Kubernetes environment if it includes Windows nodes.
Which Kubernetes versions are affected by REDHAT-BUG-2227128?
Any Kubernetes environment that includes Windows nodes may be affected by REDHAT-BUG-2227128.
What systems are impacted by REDHAT-BUG-2227128?
Kubernetes clusters with Windows nodes are the systems impacted by REDHAT-BUG-2227128.
Can a user with basic permissions exploit REDHAT-BUG-2227128?
Yes, a user that can create pods on Windows nodes may exploit REDHAT-BUG-2227128 to escalate privileges.
- agent/references
- agent/type
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-3955
- agent/severity
- agent/last-modified-date
- agent/event
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/kubernetes
- canonical/kubernetes dashboard