Kubernetes - Windows nodes - Insufficient input sanitization leads to privilege escalation
CVE-2023-3955
8.8 HIGH
What is CVE-2023-3955?
A vulnerability has been identified in Kubernetes that allows users with pod creation permissions on Windows nodes to potentially escalate their privileges to an administrative level. This poses a risk to Kubernetes clusters that operate with Windows nodes, enabling unauthorized users to gain elevated access and control. It is crucial for administrators to review and apply necessary security measures to mitigate this vulnerability and protect their systems.
Affected Version(s)
kubelet v1.28.0
kubelet v1.27.0
kubelet v1.26.0