THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)

Ok

PUBLISHED

CVE-2024-28917

Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability

Reserved:2024-03-13
Published:2024-04-09
Updated:2024-05-14

Description

Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability



MEDIUM: 6.2CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C

Problem types

CWE-284: Improper Access Control

Product status

1.0.0 before 1.2.6
affected

1.0.0 before 1.0.2620-162
affected

1.0.0 before 0.3.0-preview
affected

1.0.0 before 5.1.3
affected

1.0.0 before 5.0.5
affected

1.0.0 before 1.1.2
affected

1.0.0 before 1.5.2
affected

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28917 (Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability) vendor-advisory

cve.org CVE-2024-28917

nvd.nist.gov CVE-2024-28917

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-28917