Vulnerability Description
Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Kubernetes | Kubernetes | <= 1.24.14 |
Related Weaknesses (CWE)
References
- http://www.openwall.com/lists/oss-security/2023/07/06/2Mailing ListThird Party Advisory
- https://github.com/kubernetes/kubernetes/issues/118640Issue Tracking
- https://groups.google.com/g/kubernetes-security-announce/c/vPWYJ_L84m8Mailing List
- https://security.netapp.com/advisory/ntap-20230803-0004/
- http://www.openwall.com/lists/oss-security/2023/07/06/2Mailing ListThird Party Advisory
- https://github.com/kubernetes/kubernetes/issues/118640Issue Tracking
- https://groups.google.com/g/kubernetes-security-announce/c/vPWYJ_L84m8Mailing List
- https://security.netapp.com/advisory/ntap-20230803-0004/
FAQ
What is CVE-2023-2727?
CVE-2023-2727 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission...
How severe is CVE-2023-2727?
CVE-2023-2727 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-2727?
Check the references section above for vendor advisories and patch information. Affected products include: Kubernetes Kubernetes.