Nick McClendon, Daniel McNamara, Jacob Paullus

A vulnerability in Azure Kubernetes Services allowed attackers to escalate privileges and access cluster credentials. Affected clusters used Azure CNI for network configuration and Azure for network policy. Attackers could exploit this issue to steal data and cause financial and reputational damage. The vulnerability has been fixed by Microsoft after disclosure by Mandiant.


WireServing Up Credentials in Azure Kubernetes Services

Jamie Finnigan

A BGP-based feature of the AWS Direct Connect service allowed a third party to inject an incorrect route for an external IP, effectively hijacking AWS-sourced traffic. This resulted in connectivity issues between AWS EC2 instances and external systems. The issue was caused by a typo in a Direct Connect customer's configuration, which advertised an incorrect prefix to AWS.


Copilot Studio information disclosure via SSRF

Summary

Affected Services

Tracked CVEs

References

More vulnerabilities...

WireServing Up Credentials in Azure Kubernetes Services

Nick McClendon, Daniel McNa...

AWS Direct Connect route injection issue

Jamie Finnigan

Azue Health privilege escalation via SSRF

Tenable