CVE-2024-29990

Name of the Vulnerable Software and Affected Versions Microsoft Azure Kubernetes Service Confidential Container (affected versions not specified)

Description The issue is related to a lack of access control in the deployment and management of confidential containers in Azure Kubernetes Service, which can be exploited by a remote attacker to elevate their privileges. This could potentially allow unauthenticated attackers to gain full control of Azure Kubernetes clusters, including stealing credentials.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.