ID:10497 - Exploit for Permissions, Privileges, and Access Controls in apiserver - CVE-2023-2728


Published: September 6, 2024


Vulnerability identifier: #VU77526
Vulnerability risk: Medium
CVE-ID: CVE-2023-2728
CWE-ID: CWE-264
Exploitation vector: Remote access
Vulnerable software:
apiserver

Link to public exploit:


Vulnerability description

The vulnerability allows a remote user to bypass implemented security restrictions.

The vulnerability exists because the ServiceAccount admission plugin does not apply its mountable-secrets restriction to ephemeral containers. A remote user can therefore launch ephemeral containers that reference secrets which the policy would otherwise block.

Kubernetes clusters are only affected if the ServiceAccount admission plugin and the kubernetes.io/enforce-mountable-secrets annotation are used together with ephemeral containers.
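As an added illustration (not the kube-apiserver's own admission code), the check below audits a pod spec for Secret references against the ServiceAccount's mountable-secrets list, and shows how a check that walks only `containers` and `initContainers` misses a reference made from an ephemeral container. It assumes the allowed set is the `secrets` list on the ServiceAccount object and that the annotation value is the string `"true"`; the pod and ServiceAccount objects are constructed samples.

```python
"""Audit a pod spec for Secret references the ServiceAccount's
mountable-secrets policy does not permit, ephemeral containers included.
Constructed illustration; not the kube-apiserver admission plugin."""

CONTAINER_KINDS = ("containers", "initContainers", "ephemeralContainers")

def secret_refs(pod_spec, kinds=CONTAINER_KINDS):
    """Return {secret_name: [locations]} for every Secret the pod references."""
    refs = {}
    for vol in pod_spec.get("volumes", []):          # pod-level secret volumes
        if "secret" in vol:
            refs.setdefault(vol["secret"]["secretName"], []).append(f"volume/{vol['name']}")
    for kind in kinds:                                # per-container env references
        for c in pod_spec.get(kind, []):
            for env in c.get("env", []):
                ref = env.get("valueFrom", {}).get("secretKeyRef")
                if ref:
                    refs.setdefault(ref["name"], []).append(f"{kind}/{c['name']}/env/{env['name']}")
            for src in c.get("envFrom", []):
                if "secretRef" in src:
                    refs.setdefault(src["secretRef"]["name"], []).append(f"{kind}/{c['name']}/envFrom")
    return refs

def disallowed_secrets(pod_spec, service_account, kinds=CONTAINER_KINDS):
    """Sorted names of referenced Secrets absent from the SA's mountable list.
    Returns [] when the enforce-mountable-secrets annotation is not set."""
    ann = service_account.get("metadata", {}).get("annotations", {})
    if ann.get("kubernetes.io/enforce-mountable-secrets") != "true":
        return []
    allowed = {s["name"] for s in service_account.get("secrets", [])}   # assumption: SA.secrets is the allow-list
    return sorted(n for n in secret_refs(pod_spec, kinds) if n not in allowed)

# Constructed sample: the SA permits only "app-token"; an ephemeral debug
# container (in reality added via the pod's ephemeralcontainers subresource)
# pulls "db-root" into its environment.
SA = {"metadata": {"annotations": {"kubernetes.io/enforce-mountable-secrets": "true"}},
      "secrets": [{"name": "app-token"}]}
POD = {"serviceAccountName": "app",
       "volumes": [{"name": "tok", "secret": {"secretName": "app-token"}}],
       "containers": [{"name": "web", "image": "nginx"}],
       "ephemeralContainers": [{"name": "debug", "image": "busybox",
           "env": [{"name": "PW", "valueFrom": {"secretKeyRef": {"name": "db-root", "key": "p"}}}]}]}

if __name__ == "__main__":
    # A check that skips ephemeral containers reports nothing; the full walk flags db-root.
    print(disallowed_secrets(POD, SA, kinds=("containers", "initContainers")))  # []
    print(disallowed_secrets(POD, SA))                                         # ['db-root']
```

Running the same audit over live pod specs (for example, from `kubectl get pods -A -o json`) lists any ephemeral-container secret references that the annotation was expected to prevent.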


Remediation

Install updates from the vendor's website.