{"vulnerability": "CVE-2023-3955", "sightings": [{"uuid": "81734e90-4a94-424b-b701-055a0b5b973a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3955", "type": "seen", "source": "Telegram/Eqz54UavaIWHVUW9FJ7x8kPgHx309M56ivVEiN1xHvA_sg", "content": "", "creation_timestamp": "2023-09-13T18:29:02.000000Z"}, {"uuid": "f927d2fc-5cae-47ba-9c24-ad6a0a69fc68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3955", "type": "seen", "source": "https://t.me/ctinow/132601", "content": "https://ift.tt/jOr9APR\nKubelet vulnerabilities on Windows nodes: CVE-2023-3676, CVE-2023-3955 and CVE-2023-3893", "creation_timestamp": "2023-08-24T08:20:12.000000Z"}, {"uuid": "023ed088-563e-4526-801c-a4ced3bc8b60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39558", "type": "published-proof-of-concept", "source": "Telegram/7a7fweCj36f2cd-3XHNsj84vMqrUUzQeix11cFhtTPwJ", "content": "", "creation_timestamp": "2023-10-22T22:26:28.000000Z"}, {"uuid": "8ca69808-cfd3-4d0d-80a0-a7d1327f36da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39559", "type": "published-proof-of-concept", "source": "Telegram/7a7fweCj36f2cd-3XHNsj84vMqrUUzQeix11cFhtTPwJ", "content": "", "creation_timestamp": "2023-10-22T22:26:28.000000Z"}, {"uuid": "a7c51084-9775-4f5a-8045-e25cf0161fd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3955", "type": "seen", "source": "https://t.me/cibsecurity/73271", "content": "\u203c CVE-2023-3955 \u203c\n\nA security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-31T23:21:08.000000Z"}, {"uuid": "f6b49d19-29ba-43cf-8c8b-ce598b55315e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3955", "type": "seen", "source": "https://t.me/KomunitiSiber/787", "content": "Alert: New Kubernetes Vulnerabilities Enable Remote Attacks on Windows Endpoints\nhttps://thehackernews.com/2023/09/alert-new-kubernetes-vulnerabilities.html\n\nThree interrelated high-severity security flaws discovered in Kubernetes could be exploited to achieve remote code execution with elevated privileges on Windows endpoints within a cluster.\nThe\u00a0issues, tracked as CVE-2023-3676, CVE-2023-3893, and CVE-2023-3955, carry CVSS scores of 8.8 and impact all Kubernetes environments with Windows nodes. Fixes for the vulnerabilities were\u00a0released\u00a0on August", "creation_timestamp": "2023-09-13T16:55:52.000000Z"}, {"uuid": "73c8bb1d-5e33-4444-9cd6-529d749a6322", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3955", "type": "seen", "source": "https://t.me/true_secator/4847", "content": "\u0412 Kubernetes \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0442\u0440\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f RCE \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u043d\u0430 \u043e\u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Windows \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043e\u0434\u043d\u043e\u0433\u043e \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430. \n\n\u0412\u0441\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u0437\u0430\u0438\u043c\u043e\u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-3676, CVE-2023-3893 \u0438 CVE-2023-3955 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS 8.8.\n\n\u0411\u0430\u0433\u0438 \u0432\u043b\u0438\u044f\u044e\u0442 \u043d\u0430 \u0432\u0441\u0435 \u0441\u0440\u0435\u0434\u044b Kubernetes \u0441 \u0445\u043e\u0441\u0442\u0430\u043c\u0438 Windows, \u0430 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0443\u0436\u043d\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b YAML \u0432 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0435.\n\nCVE-2023-3676 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 'apply' \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u0441 API Kubernetes \u0438 \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0431\u0443\u0434\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d \u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0445 \u043c\u0430\u0448\u0438\u043d\u0430\u0445 Windows \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 SYSTEM.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0442\u0430\u043a \u0436\u0435, \u043a\u0430\u043a \u0438 CVE-2023-3955, \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043e\u0447\u0438\u0441\u0442\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0435 \u043f\u0443\u0442\u0438 \u0431\u044b\u0442\u044c \u043f\u0440\u043e\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430 \u043a\u043e\u043c\u0430\u043d\u0434\u044b PowerShell, \u0447\u0442\u043e \u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0438\u0442\u043e\u0433\u0435 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u043c\u0430\u043d\u0434\u044b.\n\n\u0421 \u0434\u0440\u0443\u0433\u043e\u0439 \u0441\u0442\u043e\u0440\u043e\u043d\u044b, CVE-2023-3893, \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441\u043e \u0441\u043b\u0443\u0447\u0430\u0435\u043c \u044d\u0441\u043a\u0430\u043b\u0430\u0446\u0438\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440\u0435 Container Storage Interface (CSI), \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0443\u0437\u043b\u0443.\n\n\u0411\u0430\u0433\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b 13 \u0438\u044e\u043b\u044f 2023 \u0433\u043e\u0434\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Akamai, \u0430 23 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0412 Amazon Web Services, Google Cloud \u0438 Microsoft Azure \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0441\u043e\u0432\u0435\u0442\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e \u044d\u0442\u0438\u0445 \u043e\u0448\u0438\u0431\u043e\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u043b\u0438\u044f\u044e\u0442 \u043d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Kubelet: < v1.28.1, v1.27.5, v1.26.8, v1.25.13 \u0438 v1.24.17.", "creation_timestamp": "2023-09-14T15:21:47.000000Z"}, {"uuid": "0804f59a-b625-4317-94bc-a2598afdcd79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3955", "type": "seen", "source": "https://t.me/ctinow/158088", "content": "https://ift.tt/rNgjhfq\nCVE-2023-3955 Kubernetes Vulnerability in NetApp Products", "creation_timestamp": "2023-12-22T00:26:44.000000Z"}, {"uuid": "fc563867-6181-412c-a352-862c3059362d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39558", "type": "seen", "source": "https://t.me/cibsecurity/69404", "content": "\u203c CVE-2023-39558 \u203c\n\nAudimexEE v15.0 was discovered to contain multiple reflected cross-site scripting (XSS) vulnerabilities via the Show Kai Data component.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-30T02:17:50.000000Z"}, {"uuid": "6223dddb-bb32-4303-a6a5-0307cd57eef7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3955", "type": "seen", "source": "https://t.me/thehackernews/3873", "content": "\ud83d\udea8 Critical security flaws discovered in Kubernetes could lead to remote code execution with elevated privileges on Windows endpoints within a cluster. \n \nLearn more about CVE-2023-3676, CVE-2023-3893, and CVE-2023-3955: https://thehackernews.com/2023/09/alert-new-kubernetes-vulnerabilities.html", "creation_timestamp": "2023-09-14T16:15:58.000000Z"}, {"uuid": "5b9c0134-1d6e-4928-bbbd-56d350a45b74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39559", "type": "seen", "source": "https://t.me/cibsecurity/69399", "content": "\u203c CVE-2023-39559 \u203c\n\nAudimexEE 15.0 was discovered to contain a full path disclosure vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-30T02:17:43.000000Z"}, {"uuid": "2e162713-f5f4-4bf2-bec9-80eea7ea8661", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39553", "type": "seen", "source": "https://t.me/cibsecurity/68323", "content": "\u203c CVE-2023-39553 \u203c\n\nImproper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider.Apache Airflow Drill Provider is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection with DrillHook giving an opportunity to read files on the Airflow server.This issue affects Apache Airflow Drill Provider: before 2.4.3.It is recommended to upgrade to a version that is not affected.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-11T12:27:18.000000Z"}, {"uuid": "53859d55-5efe-4f63-8d47-fb6e654a6543", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39551", "type": "seen", "source": "https://t.me/cibsecurity/67796", "content": "\u203c CVE-2023-39551 \u203c\n\nPHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to SQL Injection via osghs/admin/search.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-04T22:41:18.000000Z"}, {"uuid": "745f15f2-0164-4856-b2a2-fe6d0286b1fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39552", "type": "seen", "source": "https://t.me/cibsecurity/67783", "content": "\u203c CVE-2023-39552 \u203c\n\nPHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to Cross-Site Scripting (XSS).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-04T22:41:00.000000Z"}]}