Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability

CVE-2024-29990

9CRITICAL

Key Information

Vendor: Microsoft
Status: Azure Kubernetes Service
Vendor: CVE Published:; 9 April 2024

Badges

👾 Exploit Exists📰 News Worthy

Summary

Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability

Affected Version(s)

Azure Kubernetes Service < 0.3.4

News Articles

RedLegg

CVE-2024-29990CVE-2024-29988

Patch Tuesday - April 2024

Stay informed with RedLegg's critical Patch Tuesday updates for April 2024, addressing vulnerabilities in Microsoft Azure, SmartScreen, Defender for IoT, and more. All this and more...

7 months ago

CVSS V3.1

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

👾
Exploit exists.
Oct 9, 2024
First article discovered by RedLegg
Apr 12, 2024
Vulnerability published.
Apr 9, 2024
Vulnerability Reserved.
Mar 22, 2024

Collectors

NVD DatabaseMitre DatabaseMicrosoft Feed1 News Article(s)