CVE-2023-5528 | Mend Vulnerability Database

Vulnerability DatabaseCVE-2023-5528

CVE-2023-5528

November 14, 2023

A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes.

Related Resources (18)

https://github.com/advisories/GHSA-hq6q-c2x6-hmch

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4XZIX727JIKF5RQW7RVVBLWXBCDIBJA7/

https://github.com/kubernetes/kubernetes/pull/121883

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7MPGMITSZXUCAVO7Q75675SOLXC2XXU4

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7MPGMITSZXUCAVO7Q75675SOLXC2XXU4/

https://security.netapp.com/advisory/ntap-20240119-0009

https://github.com/kubernetes/kubernetes/issues/121879

https://groups.google.com/g/kubernetes-security-announce/c/SL_d4NR8pzA

https://security.netapp.com/advisory/ntap-20240119-0009/

https://github.com/kubernetes/kubernetes

https://nvd.nist.gov/vuln/detail/CVE-2023-5528