vulnerability
Debian: CVE-2023-2728: kubernetes -- security update
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
8 | (AV:N/AC:L/Au:M/C:C/I:C/A:N) | 2023-07-03 | 2024-07-30 | 2025-02-20 |
Severity
8
CVSS
(AV:N/AC:L/Au:M/C:C/I:C/A:N)
Published
2023-07-03
Added
2024-07-30
Modified
2025-02-20
Description
Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the `kubernetes.io/enforce-mountable-secrets` annotation are used together with ephemeral containers.
Solution
debian-upgrade-kubernetes

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.