Privilege Escalation Vulnerability in OpenShift Kubernetes API Server

Privilege Escalation Vulnerability in OpenShift Kubernetes API Server

CVE-2023-5408 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

A privilege escalation flaw was found in the node restriction admission plugin of the kubernetes api server of OpenShift. A remote attacker who modifies the node role label could steer workloads from the control plane and etcd nodes onto different worker nodes and gain broader access to the cluster.

Learn more about our Cis Benchmark Audit For Kubernetes.