cvelist/2023/2xxx/CVE-2023-2727.json
2023-08-03 15:00:36 +00:00


{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-2727",
"ASSIGNER": "security@kubernetes.io",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Kubernetes",
"product": {
"product_data": [
{
"product_name": "Kubernetes",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "v1.24.14",
"version_value": "<="
},
{
"version_affected": "=",
"version_value": "v1.25.0 - v1.25.10"
},
{
"version_affected": "=",
"version_value": "v1.26.0 - v1.26.5"
},
{
"version_affected": "=",
"version_value": "v1.27.0 - v1.27.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://groups.google.com/g/kubernetes-security-announce/c/vPWYJ_L84m8",
"refsource": "MISC",
"name": "https://groups.google.com/g/kubernetes-security-announce/c/vPWYJ_L84m8"
},
{
"url": "https://github.com/kubernetes/kubernetes/issues/118640",
"refsource": "MISC",
"name": "https://github.com/kubernetes/kubernetes/issues/118640"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/06/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/07/06/2"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230803-0004/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20230803-0004/"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<div><div>Prior to upgrading, this vulnerability can be mitigated by running v<span style=\"background-color: var(--wht);\">alidation webhooks (such as Gatekeeper and Kyverno) to enforce the same restrictions for ephemeral containers.</span></div></div>"
}
],
"value": "Prior to upgrading, this vulnerability can be mitigated by running validation webhooks (such as Gatekeeper and Kyverno) to enforce the same restrictions for ephemeral containers.\n\n\n\n"
}
],
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<div><div>To mitigate this vulnerability, upgrade Kubernetes: <a target=\"_blank\" rel=\"nofollow\" href=\"https://kubernetes.io/docs/tasks/administer-cluster/cluster-management/#upgrading-a-cluster\">https://kubernetes.io/docs/tasks/administer-cluster/cluster-management/#upgrading-a-cluster</a></div></div>"
}
],
"value": "To mitigate this vulnerability, upgrade Kubernetes: https://kubernetes.io/docs/tasks/administer-cluster/cluster-management/#upgrading-a-cluster\n\n\n\n"
}
],
"credits": [
{
"lang": "en",
"value": "Stanislav L\u00e1zni\u010dka"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
]
}
}