VDB
CVE-2023-2728
CVE-2023-2728
PUBLISHED
Es existiert eine Schwachstelle in Kubernetes. Container, die die vom ServiceAccount-Zulassungs-Plugin durchgesetzte "mountable secrets policy" umgehen, können unter bestimmten Umständen von Benutzern gestartet werden. Ein Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsvorkehrungen zu umgehen.
EPSS 4.85% · 89.7th percentile
Risk Scores
EPSS Score
4.85%
89.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Open Source | Open Source Kubernetes <1.26.6 | |
| Open Source | Open Source Kubernetes <1.24.15 | |
| SUSE | SUSE Linux | |
| Open Source | Open Source Kubernetes <1.25.11 | |
| Red Hat | Red Hat Enterprise Linux | |
| Open Source | Open Source Kubernetes <1.27.3 | |
| Oracle | Oracle Linux |
Timeline
- Jun 14, 2023 CVE Published
- Jul 4, 2023 EPSS Score
- Sep 19, 2024 CVE Updated
- Mar 17, 2025 EPSS Score
- Mar 20, 2025 EPSS Score
- Mar 23, 2025 EPSS Score
- Mar 24, 2025 EPSS Score
- Mar 27, 2025 EPSS Score
- Mar 29, 2025 EPSS Score
- Mar 30, 2025 EPSS Score
- Apr 12, 2025 EPSS Score
- Apr 13, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1469.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1469 advisory
- https://github.com/kubernetes/kubernetes/issues/118640 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-June/015240.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-June/015239.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-June/015238.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-June/015237.html advisory
- https://linux.oracle.com/errata/ELSA-2023-12562.html advisory
- https://linux.oracle.com/errata/ELSA-2023-12561.html advisory
- https://linux.oracle.com/errata/ELSA-2023-25546.html advisory
- https://linux.oracle.com/errata/ELSA-2023-12563.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-August/015870.html advisory
- https://access.redhat.com/errata/RHSA-2023:5008 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-September/019474.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2024-September/019472.html advisory