CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28917 – Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-28917
09 Apr 2024 — Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en el alcance del clúster de extensión de Kubernetes habilitada para Azure Arc • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28917 • CWE-284: Improper Access Control •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38176 – Azure Arc-Enabled Servers Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-38176
08 Aug 2023 — Azure Arc-Enabled Servers Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38176 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-35798 – Azure Arc Jumpstart Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-35798
18 May 2023 — Azure Arc Jumpstart Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35798 •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2022-37968 – Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-37968
11 Oct 2022 — Microsoft has identified a vulnerability affecting the cluster connect feature of Azure Arc-enabled Kubernetes clusters. This vulnerability could allow an unauthenticated user to elevate their privileges and potentially gain administrative control over the Kubernetes cluster. Additionally, because Azure Stack Edge allows customers to deploy Kubernetes workloads on their devices via Azure Arc, Azure Stack Edge devices are also vulnerable to this vulnerability. Vulnerabilidad de elevación de privilegios en el... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37968 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-38007 – Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-38007
13 Sep 2022 — Azure Guest Configuration and Azure Arc-enabled servers Elevation of Privilege Vulnerability Una vulnerabilidad de Elevación de Privilegios en Azure Guest Configuration and Azure Arc-enabled servers • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38007 •