[minikube] Network Port exposure in minikube running on macOS using Docker driver
CVE-2023-1174

9.8CRITICAL

Key Information:

Vendor: Kubernetes
Status: Minikube
Vendor: CVE Published:; 24 May 2023

What is CVE-2023-1174?

A vulnerability exists in Minikube when running on macOS with the Docker driver, which poses a risk of unexpected remote access to the Minikube container. This can potentially allow unauthorized individuals to access the network port exposed by the system, compromising container security and overall network integrity. Users of Minikube on macOS are advised to review their configurations and apply necessary updates to mitigate this security risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

minikube macOS 1.26.0

minikube macOS <= 1.28.0

References

https://groups.google.com/g/kubernetes-security-announce/...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 24, 2023
Vulnerability Reserved
Mar 3, 2023

JSON

Kubernetes

What is CVE-2023-1174?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.