CVE-2024-29990 CRITICAL

CVE-2024-29990: Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability

Vendor Microsoft

Product Azure Kubernetes Service

Weakness CWE-284

Published April 9, 2024

Last update May 3, 2025

CVSS base score

9.0/10

Attack vector Network

Attack complexity High

Privileges required None

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C

What the vulnerability does

01Description

Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability

Key dates

April 9, 2024 CVE published

May 3, 2025 Record updated

External resources

Related vulnerabilities

CVE CVE-2024-29990

CWE CWE-284

CVSS 9.0 / CRITICAL

Vendor Microsoft

Product Azure Kubernetes Service

Affected ≥ 1.0.0 and < 0.3.4