vulnerability

Kubernetes: CVE-2023-2727: Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers.

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:M/C:C/I:C/A:N)

Published

Jul 3, 2023

Added

Jul 14, 2023

Modified

Apr 17, 2026

Description

Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers.

Solutions

kubernetes-upgrade-1_24_15kubernetes-upgrade-1_25_11kubernetes-upgrade-1_26_6kubernetes-upgrade-1_27_3

References

CVE-2023-2727
https://attackerkb.com/topics/CVE-2023-2727
CWE-20
EUVD-EUVD-2023-2130
https://euvd.enisa.europa.eu/vulnerability/EUVD-2023-2130
https://github.com/kubernetes/kubernetes/issues/118640

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report