GHSA-r6cc-7wj7-gfx2

GitHub Security Advisory

Kubernetes csi-proxy vulnerable to privilege escalation due to improper input validation

GitHub Reviewed | Severity: HIGH | Has CVE

Advisory Details

A user who can create pods on Windows nodes running kubernetes-csi-proxy may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes running kubernetes-csi-proxy.

Affected Packages

Go: github.com/kubernetes-csi/csi-proxy/v2
    Affected versions: 2.0.0-alpha.0 (fixed in 2.0.0-alpha.1)
Go: github.com/kubernetes-csi/csi-proxy
    Affected versions: 0.1.0-rc1 (fixed in 1.1.3)
Go: github.com/kubernetes-csi/csi-proxy
    Affected versions: 0 (fixed in 0.0.0-20230821192013-2523e6674ded)
Go: github.com/kubernetes-csi/csi-proxy
    Affected versions: 1.1.3-0 (fixed in 1.1.3-0.20230821192013-2523e6674ded)

Key Information

GHSA ID: GHSA-r6cc-7wj7-gfx2
Published: November 3, 2023 6:30 PM
Last Modified: July 9, 2025 3:32 PM
CVSS Score: 7.5/10
Primary Ecosystem: Go
Primary Package: github.com/kubernetes-csi/csi-proxy/v2
GitHub Reviewed: Yes

Dataset

Last updated: November 25, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.