all InfoSec news
Azure Arc-enabled Kubernetes privilege escalation
Oct. 11, 2022, midnight |
The Open Cloud Vulnerability & Security Issue Database www.cloudvulndb.org
This is facilitated by middleware (the Azure Arc-enabled Kubernetes agent) which
includes a "cluster connect" feature in the form of a reverse proxy. A vulnerability
in this feature could allow an unauthenticated user to elevate their privileges
and potentially gain remote administrative control over any Azure Arc-enabled
cluster, as long as they know its randomly generated external DNS endpoint.
Azure Stack Edge devices are also affected, because the service …
azure azure arc escalation kubernetes privilege privilege escalation
More from www.cloudvulndb.org / The Open Cloud Vulnerability & Security Issue Database
AWS Amplify IAM role publicly assumable exposure
1 week, 2 days ago |
www.cloudvulndb.org
Azure Site Recovery privilege escalation
2 months, 1 week ago |
www.cloudvulndb.org
Azure HDInsight privilege escalation and DoS vulnerabilities
2 months, 2 weeks ago |
www.cloudvulndb.org
Amazon WorkSpaces Windows client credential logging
6 months, 2 weeks ago |
www.cloudvulndb.org
Power Platform Custom Code information disclosure
8 months, 2 weeks ago |
www.cloudvulndb.org
Azure Front Door client-side desync
9 months, 4 weeks ago |
www.cloudvulndb.org
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Director, Data Security Lead
@ Mastercard | London, England (Angel Lane)
Security Officer L1
@ NTT DATA | Texas, United States of America
Sr. Staff Application Security Engineer
@ Aurora Innovation | Seattle, WA
Senior Penetration Testing Engineer
@ WPP | Chennai
Cyber Security - Senior Software Developer in Test
@ BlackBerry | Bengaluru, Residency Road