CVE-2023-29332

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Sep 12, 2023

Updated: May 29, 2024

CWE ID 20

CWE ID 330

Summary

CVE-2023-29332 is an elevation of privilege vulnerability affecting Microsoft Azure Kubernetes Service. An attacker can exploit this flaw to gain higher levels of access within a Kubernetes cluster, potentially leading to unauthorized modifications or data exfiltration. This vulnerability can be triggered through a maliciously crafted Kubernetes YAML manifest file. Microsoft strongly advises all Azure Kubernetes Service users to apply the available patch as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sqnDV7
https://www.cve.org/CVERecord?id=CVE-2023-29332
https://nvd.nist.gov/vuln/detail/CVE-2023-29332

Back to Vulnerability Database

CVE-2023-29332

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations