Red Hat OpenShift: CVE-2023-5528: kubernetes: Insufficient input sanitization in in-tree storage plugin leads to privilege escalation on Windows nodes
4
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
11/14/2023
12/08/2023
12/07/2023
03/08/2024
Description
A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they are using an in-tree storage plugin for Windows nodes.
Solution(s)
- linuxrpm-upgrade-openshift4-wincw-windows-machine-config-rhel8-operator
- linuxrpm-upgrade-openshift4-wincw-windows-machine-config-rhel9-operator
Advanced vulnerability management analytics and reporting.
Key Features
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center