{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-3955", "assignerOrgId": "a6081bf6-c852-4425-ad4f-a67919267565", "state": "PUBLISHED", "assignerShortName": "kubernetes", "dateReserved": "2023-07-26T13:51:11.192Z", "datePublished": "2023-10-31T20:36:54.352Z", "dateUpdated": "2024-08-02T07:08:50.695Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "kubelet", "repo": "https://github.com/kubernetes/kubernetes", "vendor": "Kubernetes", "versions": [{"status": "affected", "version": "v1.28.0"}, {"lessThanOrEqual": "v1.27.4", "status": "affected", "version": "v1.27.0", "versionType": "semver"}, {"lessThanOrEqual": "v1.26.7", "status": "affected", "version": "v1.26.0", "versionType": "semver"}, {"lessThanOrEqual": "v1.25.12", "status": "affected", "version": "v1.25.0", "versionType": "semver"}, {"status": "unaffected", "version": "v1.28.1"}, {"status": "unaffected", "version": "v1.27.5"}, {"status": "unaffected", "version": "v1.26.8"}, {"status": "unaffected", "version": "v1.25.13"}, {"status": "unaffected", "version": "v1.24.17"}, {"lessThanOrEqual": "v1.24.16", "status": "affected", "version": "0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "James Sturtevant"}, {"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Mark Rossetti"}], "datePublic": "2023-08-23T04:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A security issue was discovered in Kubernetes where a user\n that can create pods on Windows nodes may be able to escalate to admin \nprivileges on those nodes. Kubernetes clusters are only affected if they\n include Windows nodes.<br>"}], "value": "A security issue was discovered in Kubernetes where a user\n that can create pods on Windows nodes may be able to escalate to admin \nprivileges on those nodes. Kubernetes clusters are only affected if they\n include Windows nodes.\n"}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "a6081bf6-c852-4425-ad4f-a67919267565", "shortName": "kubernetes", "dateUpdated": "2023-10-31T20:36:54.352Z"}, "references": [{"tags": ["issue-tracking"], "url": "https://github.com/kubernetes/kubernetes/issues/119595"}, {"tags": ["mailing-list"], "url": "https://groups.google.com/g/kubernetes-security-announce/c/JrX4bb7d83E"}, {"url": "https://security.netapp.com/advisory/ntap-20231221-0002/"}], "source": {"discovery": "INTERNAL"}, "title": "Kubernetes - Windows nodes - Insufficient input sanitization leads to privilege escalation", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:08:50.695Z"}, "title": "CVE Program Container", "references": [{"tags": ["issue-tracking", "x_transferred"], "url": "https://github.com/kubernetes/kubernetes/issues/119595"}, {"tags": ["mailing-list", "x_transferred"], "url": "https://groups.google.com/g/kubernetes-security-announce/c/JrX4bb7d83E"}, {"url": "https://security.netapp.com/advisory/ntap-20231221-0002/", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "matchCriteriaId": "FF4C81ED-BB69-490B-BABA-89C2501A5E6D", "versionEndExcluding": "1.24.17", "vulnerable": true}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "matchCriteriaId": "86AE4580-37A1-4E7B-9B7A-A30316676065", "versionEndExcluding": "1.25.13", "versionStartIncluding": "1.25.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "matchCriteriaId": "99BCE3D9-3EFA-4358-B36E-47954DBE28D4", "versionEndExcluding": "1.26.8", "versionStartIncluding": "1.26.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F30AD24-3FA9-4FA8-BCD5-5351EA357B49", "versionEndExcluding": "1.27.5", "versionStartIncluding": "1.27.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "matchCriteriaId": "A3FAE518-D5F9-4A7D-A703-1D36EA8A563C", "versionEndExcluding": "1.28.1", "versionStartIncluding": "1.28.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A security issue was discovered in Kubernetes where a user\n that can create pods on Windows nodes may be able to escalate to admin \nprivileges on those nodes. Kubernetes clusters are only affected if they\n include Windows nodes.\n"}, {"lang": "es", "value": "Se descubri\u00f3 un problema de seguridad en Kubernetes donde un usuario que puede crear pods en nodos de Windows puede escalar a privilegios de administrador en esos nodos. Los cl\u00fasteres de Kubernetes solo se ven afectados si incluyen nodos de Windows."}], "id": "CVE-2023-3955", "lastModified": "2023-12-21T22:15:14.280", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "jordan@liggitt.net", "type": "Secondary"}]}, "published": "2023-10-31T21:15:08.613", "references": [{"source": "jordan@liggitt.net", "tags": ["Exploit", "Mitigation", "Patch", "Third Party Advisory"], "url": "https://github.com/kubernetes/kubernetes/issues/119595"}, {"source": "jordan@liggitt.net", "tags": ["Technical Description"], "url": "https://groups.google.com/g/kubernetes-security-announce/c/JrX4bb7d83E"}, {"source": "jordan@liggitt.net", "url": "https://security.netapp.com/advisory/ntap-20231221-0002/"}], "sourceIdentifier": "jordan@liggitt.net", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "jordan@liggitt.net", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2023:4835", "cpe": "cpe:/a:redhat:openshift:4.10::el8", "package": "openshift4-wincw/windows-machine-config-rhel8-operator:5.1.2-3", "product_name": "Red Hat OpenShift Container Platform 4.10", "release_date": "2023-08-29T00:00:00Z"}, {"advisory": "RHSA-2023:4780", "cpe": "cpe:/a:redhat:openshift:4.11::el8", "package": "openshift4-wincw/windows-machine-config-rhel8-operator:6.0.2-5", "product_name": "Red Hat OpenShift Container Platform 4.11", "release_date": "2023-08-28T00:00:00Z"}, {"advisory": "RHSA-2023:4777", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4-wincw/windows-machine-config-rhel8-operator:7.1.1-9", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2023-08-28T00:00:00Z"}, {"advisory": "RHSA-2023:4885", "cpe": "cpe:/a:redhat:openshift:4.13::el9", "package": "openshift4-wincw/windows-machine-config-rhel9-operator:8.0.2-9", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2023-08-30T00:00:00Z"}, {"advisory": "RHSA-2023:7515", "cpe": "cpe:/a:redhat:openshift:4.14::el9", "package": "openshift4-wincw/windows-machine-config-operator-bundle:v9.0.0-104", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2023-11-27T00:00:00Z"}, {"advisory": "RHSA-2023:7515", "cpe": "cpe:/a:redhat:openshift:4.14::el9", "package": "openshift4-wincw/windows-machine-config-rhel9-operator:9.0.0-105", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2023-11-27T00:00:00Z"}, {"advisory": "RHSA-2023:7515", "cpe": "cpe:/a:redhat:openshift:4.14::el9", "package": "openshift4/windows-machine-config-operator-bundle:v9.0.0-104", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2023-11-27T00:00:00Z"}], "bugzilla": {"description": "kubernetes: Insufficient input sanitization on Windows nodes leads to privilege escalation", "id": "2227128", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2227128"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-269", "details": ["A security issue was discovered in Kubernetes where a user\nthat can create pods on Windows nodes may be able to escalate to admin \nprivileges on those nodes. Kubernetes clusters are only affected if they\ninclude Windows nodes.", "A vulnerability was found in Kubernetes. This flaw allows a user who can create pods on Windows nodes to escalate to admin privileges on those nodes."], "name": "CVE-2023-3955", "public_date": "2023-08-23T13:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-3955\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-3955"], "statement": "Kubernetes clusters are only affected if they include Windows nodes. Any Kubernetes environment with Windows nodes is impacted. Run kubectl get nodes -l kubernetes.io/os=windows to see if any Windows nodes are in use.", "threat_severity": "Important"}