msrc_cve-2023-29332
Vulnerability from csaf_microsoft
Published
2023-09-12 07:00
Modified
2023-09-14 07:00
Summary
Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
Customer Action
Required. The vulnerability documented by this CVE requires customer action to resolve.
{
"document": {
"acknowledgments": [
{
"names": [
"Stav Nir"
]
}
],
"aggregate_severity": {
"namespace": "https://www.microsoft.com/en-us/msrc/security-update-severity-rating-system",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
},
{
"category": "general",
"text": "Required. The vulnerability documented by this CVE requires customer action to resolve.",
"title": "Customer Action"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2023-29332 Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability - HTML",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29332"
},
{
"category": "self",
"summary": "CVE-2023-29332 Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability - CSAF",
"url": "https://msrc.microsoft.com/csaf/2023/msrc_cve-2023-29332.json"
},
{
"category": "external",
"summary": "Microsoft Exploitability Index",
"url": "https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability",
"tracking": {
"current_release_date": "2023-09-14T07:00:00.000Z",
"generator": {
"date": "2025-01-01T02:04:05.588Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2023-29332",
"initial_release_date": "2023-09-12T07:00:00.000Z",
"revision_history": [
{
"date": "2023-09-12T07:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2023-09-13T07:00:00.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added FAQ information. This is an informational change only."
},
{
"date": "2023-09-13T07:00:00.000Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Corrected one or more links in the FAQ. This is an informational change only."
},
{
"date": "2023-09-14T07:00:00.000Z",
"legacy_version": "1.3",
"number": "4",
"summary": "Added FAQ information. This is an informational change only."
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cVHD 202308",
"product": {
"name": "Azure Kubernetes Service \u003cVHD 202308",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "VHD 202308",
"product": {
"name": "Azure Kubernetes Service VHD 202308",
"product_id": "11870"
}
}
],
"category": "product_name",
"name": "Azure Kubernetes Service"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-29332",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "general",
"text": "Microsoft",
"title": "Assigning CNA"
},
{
"category": "faq",
"text": "An attacker who successfully exploited this vulnerability could gain Cluster Administrator privileges.",
"title": "What privileges could be gained by an attacker who successfully exploited this vulnerability?"
},
{
"category": "faq",
"text": "Customers must update or upgrade their Azure Kuberenetes Service resource deployments using the following guidance:\nUpgrade your AKS node image to receive the fix without altering your Kubernetes version., Upgrade your AKS cluster to a newer version which will also bring your node image to the latest version.",
"title": "How do I protect my resources against this vulnerability?"
},
{
"category": "faq",
"text": "We highly encourage customers to enable automatic node image upgrades for their Azure Kubernetes Resources to get the latest security releases in the future.\nGeneral Availability Customers:\nAutomatically upgrade an Azure Kubernetes Service (AKS) cluster - Azure Kubernetes Service | Microsoft Learn, CLI command: az aks update --resource-group [myResourceGroup] --name [myAKSCluster] --auto-upgrade-channel node-image\nOr\nPreview Customers:\nAutomatically upgrade Azure Kubernetes Service (AKS) cluster node operating system images - Azure Kubernetes Service | Microsoft Learn:, CLI command: az aks update --resource-group [myResourceGroup] --name [myAKSCluster] --node-os-upgrade-channel NodeImage",
"title": "What additional actions can customers take to help ensure their resources are secure?"
},
{
"category": "faq",
"text": "The Confidentiality is set to High because an attacker who successfully exploits this vulnerability could access tokens beyond a user\u2019s typical privilege.\nThe exploit results in token disclosure, however it does not affect the Integrity and Availability of the system. Thus, both of these are set as None.",
"title": "According to the CVSS metric, attack complexity is high (AC:H) but integrity is none (I:N) and availability is none (A:N). What does that mean for this vulnerability?"
},
{
"category": "faq",
"text": "The attack vector is set to Network because this vulnerability is remotely exploitable and can be exploited from the internet.\nThe attack complexity is set to Low because an attacker does not require significant prior knowledge of the cluster/system and can achieve repeatable success when attempting to exploit this vulnerability.",
"title": "According to the CVSS metric, the attack vector is network (AV:N) and the attack complexity is low (AC:L). What does that mean for this vulnerability?"
},
{
"category": "faq",
"text": "Azure Kubernetes Service resources using the following image versions are protected against this vulnerability.\nAKS resources with Ubuntu OS - Image 202308.01 or above, AKS resources with Windows OS - Image 20348.1906 or above\nTo determine if any of your resources are susceptible to this CVE, navigate to your cluster\u0027s overview page in the Azure Portal, and select Diagnose and Solve Problems. Navigate to Identity and Security and select TLS Bootstrap Token CVE to identify the susceptible agent pools in your AKS cluster.",
"title": "How do I determine if my resources are susceptible to this vulnerability?"
}
],
"product_status": {
"fixed": [
"11870"
],
"known_affected": [
"1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-29332 Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability - HTML",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29332"
},
{
"category": "self",
"summary": "CVE-2023-29332 Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability - CSAF",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29332"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2023-09-12T07:00:00.000Z",
"details": "VHD 202308:Security Update:https://github.com/Azure/AKS/releases",
"product_ids": [
"1"
],
"url": "https://github.com/Azure/AKS/releases"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"exploitCodeMaturity": "UNPROVEN",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Elevation of Privilege"
},
{
"category": "exploit_status",
"details": "Exploited:No;Latest Software Release:Exploitation Less Likely"
}
],
"title": "Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.