Mandiant recently disclosed a critical vulnerability in Microsoft Azure Kubernetes Services (AKS) that could have allowed attackers to escalate privileges by abusing privileged remote access system and access sensitive credentials within affected clusters. The vulnerability impacted AKS clusters using “Azure CNI” for network configuration and “Azure” for network policy.
An attacker with command execution in a Pod running within a vulnerable AKS cluster could have exploited this issue to download the configuration used to provision the cluster node.
https://cybersecuritynews.com/microsoft ... erability/