Microsoft Azure Kubernetes Service
Recent Microsoft Azure Kubernetes Service Security Advisories
| Advisory | Title | Published |
|---|---|---|
| CVE-2024-29990 | Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | April 9, 2024 |
| CVE-2024-21400 | Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | March 12, 2024 |
| CVE-2024-21376 | Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability | February 13, 2024 |
| CVE-2024-21403 | Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability | February 13, 2024 |
| CVE-2023-29332 | Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability | September 12, 2023 |
By the Year
In 2024 there have been 1 vulnerability in Microsoft Azure Kubernetes Service with an average score of 9.0 out of ten. Last year Azure Kubernetes Service had 2 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Azure Kubernetes Service in 2024 could surpass last years number. However, the average CVE base score of the vulnerabilities in 2024 is greater by 0.35.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 1 | 9.00 |
| 2023 | 2 | 8.65 |
| 2022 | 0 | 0.00 |
| 2021 | 3 | 6.37 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Azure Kubernetes Service vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Azure Kubernetes Service Security Vulnerabilities
Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability
CVE-2024-21376
9 - Critical
- February 13, 2024
Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability
The HTTP/2 protocol
CVE-2023-44487
7.5 - High
- October 10, 2023
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Resource Exhaustion
Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability
CVE-2023-29332
9.8 - Critical
- September 12, 2023
Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability
Improper Input Validation
Azure Virtual Machine Information Disclosure Vulnerability
CVE-2021-27075
6.8 - Medium
- March 11, 2021
Azure Virtual Machine Information Disclosure Vulnerability
Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability
CVE-2021-24109
6.8 - Medium
- February 25, 2021
Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability
Azure Active Directory Pod Identity Spoofing Vulnerability
CVE-2021-1677
5.5 - Medium
- January 12, 2021
Azure Active Directory Pod Identity Spoofing Vulnerability
Authentication Bypass by Spoofing
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Azure Kubernetes Service or by Microsoft? Click the Watch button to subscribe.
