CVE-2023-2431

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jun 16, 2023

Updated: Jul 1, 2023

CWE ID 1287

Summary

CVE-2023-2431 is a newly identified vulnerability in Kubelet, an open-source containerManagement system. This issue permits pods to bypass seccomp profile enforcement when they use localhost type but leave the profile field empty. As a result, these pods operate in an unconfined state, effectively disabling seccomp. This weakness exposes Kubelet to potential security risks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/rqO0XE
https://www.cve.org/CVERecord?id=CVE-2023-2431
https://nvd.nist.gov/vuln/detail/CVE-2023-2431

Back to Vulnerability Database

CVE-2023-2431

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations