CVE-2023-5528

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Nov 14, 2023

Updated: Jan 19, 2024

CWE ID 20

Summary

CVE-2023-5528 is a newly disclosed vulnerability affecting Kubernetes clusters that use in-tree storage plugins for Windows nodes. A user with the ability to create pods and persistent volumes on these nodes can potentially escalate their privileges, gaining admin access. This issue only impacts Kubernetes clusters with Windows nodes, making it crucial for administrators to apply relevant patches as soon as possible to mitigate this escalation of privilege threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/s-HfNP
https://www.cve.org/CVERecord?id=CVE-2023-5528
https://nvd.nist.gov/vuln/detail/CVE-2023-5528

Back to Vulnerability Database

CVE-2023-5528

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations