Azure Kubernetes Service Microsoft Azure Kubernetes Service

Do you want an email whenever new security vulnerabilities are reported in Microsoft Azure Kubernetes Service?

Recent Microsoft Azure Kubernetes Service Security Advisories

Advisory Title Published
CVE-2024-29990 Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability April 9, 2024
CVE-2024-21400 Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability March 12, 2024
CVE-2024-21376 Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability February 13, 2024
CVE-2024-21403 Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability February 13, 2024
CVE-2023-29332 Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability September 12, 2023

By the Year

In 2024 there have been 1 vulnerability in Microsoft Azure Kubernetes Service with an average score of 9.0 out of ten. Last year Azure Kubernetes Service had 2 security vulnerabilities published. At the current rates, it appears that the number of vulnerabilities last year and this year may equal out. However, the average CVE base score of the vulnerabilities in 2024 is greater by 0.35.

Year Vulnerabilities Average Score
2024 1 9.00
2023 2 8.65
2022 0 0.00
2021 3 6.37
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Azure Kubernetes Service vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Azure Kubernetes Service Security Vulnerabilities

Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability

CVE-2024-21376 9 - Critical - February 13, 2024

Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability

The HTTP/2 protocol

CVE-2023-44487 7.5 - High - October 10, 2023

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

Resource Exhaustion

Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability

CVE-2023-29332 9.8 - Critical - September 12, 2023

Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability

Improper Input Validation

Azure Virtual Machine Information Disclosure Vulnerability

CVE-2021-27075 6.8 - Medium - March 11, 2021

Azure Virtual Machine Information Disclosure Vulnerability

Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability

CVE-2021-24109 6.8 - Medium - February 25, 2021

Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability

Azure Active Directory Pod Identity Spoofing Vulnerability

CVE-2021-1677 5.5 - Medium - January 12, 2021

Azure Active Directory Pod Identity Spoofing Vulnerability

Authentication Bypass by Spoofing

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Azure Kubernetes Service or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

subscribe