Google LLC’s Mandiant has published details of a critical privilege escalation vulnerability found in Microsoft Corp.’s Azure Kubernetes service that, while having since been patched by Microsoft, could have allowed attackers to gain access to credentials for services used in Kubernetes clusters. The privilege escalation vulnerability was found in Azure Kubernetes Services clusters using “Azure CNI” for the “Network configuration” and “Azure” for the “Network Policy.” An attacker with command execution in a Pod running within an affected Azure Kubernetes Services cluster could download the configuration used to provision the cluster node, extract the transport layer security bootstrap tokens and perform a TLS bootstrap attack to read all secrets within the cluster.

Source: SiliconANGLE