vulnerability
Red Hat OpenShift: CVE-2023-1260: kube-apiserver: PrivEsc
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
8 | (AV:N/AC:M/Au:M/C:C/I:C/A:C) | 2023-07-13 | 2023-07-13 | 2025-04-14 |
Severity
8
CVSS
(AV:N/AC:M/Au:M/C:C/I:C/A:C)
Published
2023-07-13
Added
2023-07-13
Modified
2025-04-14
Description
An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need to create a new pod or patch one that they already have access to. This might allow evasion of SCC admission restrictions, thereby gaining control of a privileged pod.
Solution(s)
linuxrpm-upgrade-microshiftlinuxrpm-upgrade-openshift

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.