cbcvebase.

Microsoft Azure Kubernetes Service vulnerabilities

9 known vulnerabilities affecting microsoft/azure_kubernetes_service.

Total CVEs
9
CISA KEV
1
actively exploited
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL6HIGH2MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2023-44487P1HIGHCVSS 7.5KEVPoCfixed in 2023-10-082023-10-10
CVE-2023-44487 [HIGH] CWE-400 CVE-2023-44487: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancell The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
nvd
CVE-2024-29990P2CRITICALCVSS 9.0≥ 1.0.0, < 0.3.42024-04-09
CVE-2024-29990 [CRITICAL] CWE-284 CVE-2024-29990: Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability
nvd
CVE-2026-33105P2CRITICALCVSS 9.8v-2026-04-03
CVE-2026-33105 [CRITICAL] CWE-285 CVE-2026-33105: Improper authorization in Microsoft Azure Kubernetes Service allows an unauthorized attacker to elev Improper authorization in Microsoft Azure Kubernetes Service allows an unauthorized attacker to elevate privileges over a network.
nvd
CVE-2024-21376P3CRITICALCVSS 9.0≥ 1.0.0, < 0.3.32024-02-13
CVE-2024-21376 [CRITICAL] CWE-284 CVE-2024-21376: Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability
nvd
CVE-2023-29332P3CRITICALCVSS 9.8≥ 1.0, < VHD 2023082023-09-12
CVE-2023-29332 [CRITICAL] CWE-330 CVE-2023-29332: Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability
nvd
CVE-2024-21400P3CRITICALCVSS 9.0≥ 1.0.0, < 0.3.32024-03-12
CVE-2024-21400 [CRITICAL] CWE-22 CVE-2024-21400: Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability
nvd
CVE-2024-21403P3CRITICALCVSS 9.0≥ 1.0.0, < 0.3.32024-02-13
CVE-2024-21403 [CRITICAL] CWE-552 CVE-2024-21403: Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability
nvd
CVE-2026-32193P3HIGHCVSS 8.8≥ 1.0, < v0.20260213.52026-06-09
CVE-2026-32193 [HIGH] CWE-22 CVE-2026-32193: Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Azure Ku Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft Azure Kubernetes Service allows an authorized attacker to execute code locally.
nvd
CVE-2021-27075P4MEDIUMCVSS 6.8≥ 1.0, < publication2021-03-11
CVE-2021-27075 [MEDIUM] CVE-2021-27075: Azure Virtual Machine Information Disclosure Vulnerability Azure Virtual Machine Information Disclosure Vulnerability
nvd
Microsoft Azure Kubernetes Service vulnerabilities | cvebase