{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-2728","assignerOrgId":"a6081bf6-c852-4425-ad4f-a67919267565","state":"PUBLISHED","assignerShortName":"kubernetes","dateReserved":"2023-05-16T00:32:00.189Z","datePublished":"2023-07-03T20:06:11.796Z","dateUpdated":"2025-02-13T16:45:20.353Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Kubernetes","vendor":"Kubernetes","versions":[{"lessThanOrEqual":"<=","status":"affected","version":"v1.24.14","versionType":"semver"},{"status":"affected","version":"v1.25.0 - v1.25.10"},{"status":"affected","version":"v1.26.0 - v1.26.5"},{"status":"affected","version":"v1.27.0 - v1.27.2"}]}],"credits":[{"lang":"en","type":"reporter","user":"00000000-0000-4000-9000-000000000000","value":"Rita Zhang"}],"datePublic":"2023-06-15T04:30:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<div>Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the `kubernetes.io/enforce-mountable-secrets` annotation are used together with ephemeral containers.</div>"}],"value":"Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account’s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the `kubernetes.io/enforce-mountable-secrets` annotation are used together with ephemeral containers."}],"impacts":[{"capecId":"CAPEC-554","descriptions":[{"lang":"en","value":"CAPEC-554 Functionality Bypass"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":6.5,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"HIGH","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-20","description":"CWE-20 Improper Input Validation","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"a6081bf6-c852-4425-ad4f-a67919267565","shortName":"kubernetes","dateUpdated":"2023-08-03T14:06:30.139Z"},"references":[{"tags":["mailing-list"],"url":"https://groups.google.com/g/kubernetes-security-announce/c/vPWYJ_L84m8"},{"tags":["issue-tracking"],"url":"https://github.com/kubernetes/kubernetes/issues/118640"},{"url":"http://www.openwall.com/lists/oss-security/2023/07/06/3"},{"url":"https://security.netapp.com/advisory/ntap-20230803-0004/"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<div><div>To mitigate this vulnerability, upgrade Kubernetes: <a target=\"_blank\" rel=\"nofollow\" href=\"https://kubernetes.io/docs/tasks/administer-cluster/cluster-management/#upgrading-a-cluster\">https://kubernetes.io/docs/tasks/administer-cluster/cluster-management/#upgrading-a-cluster</a></div></div>"}],"value":"To mitigate this vulnerability, upgrade Kubernetes:  https://kubernetes.io/docs/tasks/administer-cluster/cluster-management/#upgrading-a-cluster https://kubernetes.io/docs/tasks/administer-cluster/cluster-management/#upgrading-a-cluster"}],"source":{"discovery":"INTERNAL"},"title":"Bypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin","x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T06:33:05.263Z"},"title":"CVE Program Container","references":[{"tags":["mailing-list","x_transferred"],"url":"https://groups.google.com/g/kubernetes-security-announce/c/vPWYJ_L84m8"},{"tags":["issue-tracking","x_transferred"],"url":"https://github.com/kubernetes/kubernetes/issues/118640"},{"url":"http://www.openwall.com/lists/oss-security/2023/07/06/3","tags":["x_transferred"]},{"url":"https://security.netapp.com/advisory/ntap-20230803-0004/","tags":["x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-11-25T17:02:56.391082Z","id":"CVE-2023-2728","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-11-25T17:03:07.860Z"}}]}}