{"vulnerability": "cve-2023-2728", "sightings": [{"uuid": "fde5b828-e1d2-4e17-8a4c-ccb514ced99e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2728", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4329", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-2728\n\ud83d\udd25 CVSS Score: 6.4 (CVSS_V3)\n\ud83d\udd39 Description: Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account\u2019s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the `kubernetes.io/enforce-mountable-secrets` annotation are used together with ephemeral containers.\n\ud83d\udccf Published: 2023-07-03T21:30:57Z\n\ud83d\udccf Modified: 2025-02-13T19:01:03Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2023-2728\n2. https://github.com/kubernetes/kubernetes/issues/118640\n3. https://github.com/kubernetes/kubernetes/pull/118356\n4. https://github.com/kubernetes/kubernetes/pull/118471\n5. https://github.com/kubernetes/kubernetes/pull/118473\n6. https://github.com/kubernetes/kubernetes/pull/118474\n7. https://github.com/kubernetes/kubernetes/pull/118512\n8. https://github.com/kubernetes/kubernetes\n9. https://groups.google.com/g/kubernetes-security-announce/c/vPWYJ_L84m8\n10. https://security.netapp.com/advisory/ntap-20230803-0004\n11. 
http://www.openwall.com/lists/oss-security/2023/07/06/3", "creation_timestamp": "2025-02-13T19:20:43.000000Z"}, {"uuid": "38f6756c-50d9-49b0-9964-9e41fdf0e873", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27285", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/818", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-27285\n\ud83d\udd39 Description: IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 is vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system.  IBM X-Force ID:  248625.\n\ud83d\udccf Published: 2023-06-04T23:52:11.073Z\n\ud83d\udccf Modified: 2025-01-08T19:48:22.455Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7001053\n2. https://exchange.xforce.ibmcloud.com/vulnerabilities/248625", "creation_timestamp": "2025-01-08T20:14:20.000000Z"}, {"uuid": "c56e51b3-7ba6-4f07-a82a-d51a580e1c48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2728", "type": "seen", "source": "https://t.me/cibsecurity/65896", "content": "\u203c CVE-2023-2728 \u203c\n\nUsers may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account\u2019s secrets field. 
Kubernetes clusters are only affected if the ServiceAccount admission plugin and the `kubernetes.io/enforce-mountable-secrets` annotation are used together with ephemeral containers.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-04T00:23:06.000000Z"}, {"uuid": "ba07f0a8-2ddb-4c27-96cc-634236f5e911", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2728", "type": "seen", "source": "https://t.me/arpsyndicate/2145", "content": "#ExploitObserverAlert\n\nCVE-2023-2728\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-2728. Users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures pods running with a service account may only reference secrets specified in the service account\u2019s secrets field. Kubernetes clusters are only affected if the ServiceAccount admission plugin and the `kubernetes.io/enforce-mountable-secrets` annotation are used together with ephemeral containers.\n\nFIRST-EPSS: 0.000660000\nNVD-IS: 5.2\nNVD-ES: 1.2", "creation_timestamp": "2023-12-24T03:29:19.000000Z"}]}