Microsoft Azure Kubernetes Service vulnerabilities

CVE-2026-33105 [CRITICAL] CWE-285 CVE-2026-33105: Improper authorization in Microsoft Azure Kubernetes Service allows an unauthorized attacker to elev Improper authorization in Microsoft Azure Kubernetes Service allows an unauthorized attacker to elevate privileges over a network.

CVE-2024-29990 [CRITICAL] CWE-284 CVE-2024-29990: Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability

CVE-2024-21400 [CRITICAL] CWE-22 CVE-2024-21400: Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability

CVE-2024-21376 [CRITICAL] CWE-284 CVE-2024-21376: Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution Vulnerability

CVE-2024-21403 [CRITICAL] CWE-552 CVE-2024-21403: Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability

CVE-2023-44487 [HIGH] CWE-400 CVE-2023-44487: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancell The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

CVE-2023-29332 [HIGH] CWE-330 CVE-2023-29332: Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability

CVE-2021-27075 [MEDIUM] CVE-2021-27075: Azure Virtual Machine Information Disclosure Vulnerability Azure Virtual Machine Information Disclosure Vulnerability