8.8

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2023-3676

GHSA ID

GHSA-7fxm-f474-hf8w

EPSS Score

0.96886%

CWE

CWE-20

Published

10/31/2023

Updated

2/13/2025

KEV Status

Technology

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2023-3676

CVE-2023-3676: Kubernetes privilege escalation vulnerability

A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2023-3676

CVE-2023-3676:

8.8

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2023-3676

GHSA ID

GHSA-7fxm-f474-hf8w

EPSS Score

0.96886%

CWE

CWE-20

Published

10/31/2023

Updated

2/13/2025

KEV Status

Technology

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
k8s.io/kubernetes	go	= 1.28.0	1.28.1
k8s.io/kubernetes	go	>= 1.27.0, < 1.27.5	1.27.5
k8s.io/kubernetes	go	>= 1.26.0, < 1.26.8	1.26.8
k8s.io/kubernetes	go	>= 1.25.0, < 1.25.13	1.25.13
k8s.io/kubernetes	go	< 1.24.17	1.24.17

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from improper input validation (CWE-20) in PowerShell command construction. The original implementations of isLinkPath and evalSymlink used fmt.Sprintf to directly embed user-controlled path parameters into PowerShell commands (Get-Item -LiteralPath %q). This pattern is vulnerable to command injection if the path contains PowerShell subexpressions. The patch mitigates this by using environment variables to pass paths, preventing command interpretation. The commit diff and CVE description explicitly reference these functions as the attack vector for privilege escalation on Windows nodes.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

8.8

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2023-3676: Kubernetes privilege escalation vulnerability

CVE-2023-3676:

8.8

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Basic Information

Basic Information

CVE-2023-3676: Kubernetes privilege escalation vulnerability

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

8.8

8.8

Technical Details

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI