February 17, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
IcedID Banking Trojan aka BokBot – Active IOCs
October 22, 2023Rewterz Threat Advisory – CVE-2023-44483 – Apache Santuario Vulnerability
October 22, 2023IcedID Banking Trojan aka BokBot – Active IOCs
October 22, 2023Rewterz Threat Advisory – CVE-2023-44483 – Apache Santuario Vulnerability
October 22, 2023
Severity
High
Analysis Summary
CVE-2023-3676 CVSS:8.8
Kubernetes could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper input validation on Windows nodes. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain admin privileges.
CVE-2023-3893 CVSS:8.8
Kubernetes could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper input validation on kubernetes-csi-proxy. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain admin privileges.
CVE-2023-3955 CVSS:8.8
Kubernetes could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper input validation on Windows nodes. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain admin privileges.
Impact
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2023-3676
- CVE-2023-3893
- CVE-2023-3955
Affected Vendors
Kubernetes
Affected Products
- Kubernetes kubelet 1.25.12
- Kubernetes kubelet 1.24.16
- Kubernetes kubelet 1.26.7
- Kubernetes kubelet 1.28.0
- Kubernetes kubelet 1.27.4
Remediation
Refer to Kubernetes GIT Repository for patch, upgrade or suggested workaround information.