Kubernetes vulnerability allows RCE on Windows endpoints (CVE-2023-3676)
Three high-severity Kubernetes vulnerabilities (CVE-2023-3676, CVE-2023-3893, CVE-2023-3955) could allow attackers to execute code remotely and gain control over all Windows nodes in the Kubernetes cluster. About the vulnerabilities CVE-2023-3676, discovered by Akamai researcher Tomer Peled, is a command injection vulnerability that can be exploited by applying a malicious YAML file on the cluster. “The Kubernetes framework uses YAML files for basically everything — from configuring the Container Network Interface to pod management and even secret … More
The post Kubernetes vulnerability allows RCE on Windows endpoints (CVE-2023-3676) appeared first on Help Net Security.
Thank you for stopping by our page. If you'd like to learn more about this topic, you can find the full article by clicking HERE