A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes.
https://groups.google.com/g/kubernetes-security-announce/c/d_fvHZ9a5zc
https://www.akamai.com/blog/security-research/2024-january-kubernetes-log-query-rce-windows
https://security.netapp.com/advisory/ntap-20231130-0007/
https://github.com/kubernetes/kubernetes/issues/119339
Source: Mitre, NVD
Published: 2023-10-31
Updated: 2025-02-13
Base Score: 9
Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C
Severity: High
Base Score: 8.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.32579