CVE-2024-21403
CVSS 3.1 Score 9.0 of 10 (high)
Details
Published Feb 13, 2024
Updated: May 29, 2024
CWE ID 552
Summary
CVE-2024-21403 is a newly disclosed vulnerability affecting Microsoft Azure Kubernetes Service. This issue grants an attacker the ability to elevate their privileges in a confidential container, potentially allowing unauthorized access to sensitive data. The vulnerability exists due to an improper access control mechanism in the Azure Kubernetes Service. Successful exploitation of this vulnerability could result in significant data breaches or system compromise. Microsoft urges all users to apply the available patch as soon as possible to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share