Show filters
5 Total Results
Displaying 1-5 of 5
Sort by:
Attacker Value
Unknown

CVE-2024-28917

Disclosure Date: April 09, 2024 (last updated January 12, 2025)
Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability
0
0
Attacker Value
Unknown

CVE-2023-38176

Disclosure Date: August 08, 2023 (last updated February 25, 2025)
Azure Arc-Enabled Servers Elevation of Privilege Vulnerability
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-35798

Disclosure Date: May 18, 2023 (last updated January 11, 2025)
Azure Arc Jumpstart Information Disclosure Vulnerability
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-37968

Disclosure Date: October 11, 2022 (last updated January 11, 2025)
Microsoft has identified a vulnerability affecting the cluster connect feature of Azure Arc-enabled Kubernetes clusters. This vulnerability could allow an unauthenticated user to elevate their privileges and potentially gain administrative control over the Kubernetes cluster. Additionally, because Azure Stack Edge allows customers to deploy Kubernetes workloads on their devices via Azure Arc, Azure Stack Edge devices are also vulnerable to this vulnerability.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-38007

Disclosure Date: September 13, 2022 (last updated January 11, 2025)
Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0