Platform
kubernetes
Component
azure-kubernetes-service-confidential-container
Fixed in
0.3.3
CVE-2024-21400 is a critical elevation of privilege vulnerability affecting Microsoft Azure Kubernetes Service Confidential Containers. The flaw allows an attacker to escalate their privileges within the Kubernetes cluster. The vulnerability impacts versions 1.0.0 through 0.3.3, and a fix is available in version 0.3.3.
Successful exploitation of CVE-2024-21400 could allow an attacker to gain unauthorized access to sensitive data and resources within the Azure Kubernetes Service environment. An attacker could potentially compromise confidential containers, bypassing security measures designed to protect sensitive workloads. This could lead to data breaches, disruption of services, and further lateral movement within the cluster. The impact is particularly severe given the intended purpose of Confidential Containers – to isolate workloads and protect data in use.
This vulnerability was publicly disclosed on March 12, 2024. The CVSS score of 9.0 (CRITICAL) indicates a high probability of exploitation. Currently, there are no publicly available proof-of-concept exploits, but the severity warrants immediate attention and remediation. It is not listed on the CISA KEV catalog as of this writing.
Organizations heavily reliant on Azure Kubernetes Service Confidential Containers for protecting sensitive workloads are at significant risk. This includes those deploying regulated data (e.g., HIPAA, PCI DSS) or handling intellectual property. Environments with misconfigured Kubernetes clusters or lacking robust network segmentation are particularly vulnerable.
• kubernetes / server:
  kubectl get pods -l aks.microsoft.com/confidential=true -o wide | grep 'Version:'
• kubernetes / server:
  kubectl describe pod <pod-name> | grep 'Confidential Container Runtime Version:'
• kubernetes / server:
  # Check for unusual pod configurations or resource requests
  kubectl get pods --all-namespaces -o yaml | grep -i 'confidential'
Exploit Status
EPSS
1.20% (79th percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2024-21400 is to upgrade Azure Kubernetes Service Confidential Containers to version 0.3.3 or later. If immediate upgrade is not possible, consider implementing stricter network policies and access controls within your Kubernetes cluster to limit the potential blast radius of a successful attack. Regularly review and audit your Kubernetes configurations to identify and address any potential misconfigurations that could be exploited. After upgrade, confirm by verifying the version of the Confidential Container runtime.
Update your Microsoft Azure Kubernetes Service to version 0.3.3 or later. This fixes the elevation of privilege vulnerability. Refer to the Microsoft advisory for detailed upgrade instructions.
CVE-2024-21400 is a critical vulnerability in Azure Kubernetes Service Confidential Containers allowing attackers to escalate privileges. It affects versions 1.0.0–0.3.3 and has a CVSS score of 9.0.
If you are using Azure Kubernetes Service Confidential Containers with versions between 1.0.0 and 0.3.3, you are potentially affected by this vulnerability. Check your version immediately.
Upgrade Azure Kubernetes Service Confidential Containers to version 0.3.3 or later to resolve this vulnerability. If immediate upgrade is not possible, implement stricter network policies.
While no public exploits are currently available, the high CVSS score suggests a potential for exploitation, requiring immediate remediation.
Refer to the Microsoft Security Update Guide for CVE-2024-21400: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21400