#AzureCNI

Azure Kubernetes Services Vulnerability Exposed Sensitive Information

by

August 21, 2024 at 07:42AM A privilege escalation vulnerability in Microsoft Azure Kubernetes Services allowed attackers to access sensitive information, including cluster credentials. The flaw impacted clusters using Azure CNI and Azure for network policy. Exploiting this flaw, attackers could access secrets, compromise clusters, and abuse cloud services and metadata servers, potentially leading to network … Read more

Researchers Uncover TLS Bootstrap Attack on Azure Kubernetes Clusters

by

August 20, 2024 at 06:40AM Cybersecurity researchers have identified a security flaw in Microsoft Azure Kubernetes Services, allowing attackers to escalate privileges and access service credentials. The bug affects clusters using “Azure CNI” for network configuration and “Azure” for network policy. Microsoft has addressed the issue. Other high-severity flaws in Kubernetes platforms have been reported, … Read more