Privesc
CVE-2023-1260

8 HIGH

Summary

An authentication bypass vulnerability exists in kube-apiserver, which may allow an authenticated remote attacker to bypass intended access controls. By obtaining permissions to update or patch the 'pods/ephemeralcontainers' subresource, an attacker could potentially create or modify privileged pods, evading admission restrictions imposed by Security Context Constraints (SCCs). This could lead to unauthorized control over sensitive or critical components within a Kubernetes cluster, posing significant risks to the security of deployed applications.

EPSS Score

1% chance of being exploited in the next 30 days.

CVSS V3.1

Score: 8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: High
Privileges Required: High
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD Database, Mitre Database

Credit

This issue was discovered by Xingxing Xia (Red Hat).