Files or Directories Accessible to External Parties

CVE-2024-21403

High

9/10

Summary

Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability

Attack Complexity: HIGH
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: CHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-552 - Files or Directories Accessible to External Parties

The product makes files or directories accessible to unauthorized actors, even though they should not be.

References

Advisory Timeline

Published Feb 13, 2024