CVE-2024-28917

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28917", "name": "Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability", "tags": ["Vendor Advisory"], "refsource": ""}, {"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28917", "name": "Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability", "tags": ["Vendor Advisory"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-28917", "ASSIGNER": "secure@microsoft.com"}}, "impact": {}, "publishedDate": "2024-04-09T17:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:azure_arc_extension_microsoft.azurekeyvaultsecretsprovider:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.5.2", "versionStartIncluding": "1.0.0"}, {"cpe23Uri": "cpe:2.3:a:microsoft:azure_arc_extension_microsoft.videoindexer:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.1.2", "versionStartIncluding": "1.0.0"}, {"cpe23Uri": "cpe:2.3:a:microsoft:azure_arc_extension_microsoft.azstackhci.operator:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.0.5", "versionStartIncluding": "1.0.0"}, {"cpe23Uri": "cpe:2.3:a:microsoft:azure_arc_extension_microsoft.networkfabricserviceextension:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.1.3", "versionStartIncluding": "1.0.0"}, {"cpe23Uri": "cpe:2.3:a:microsoft:azure_arc_extension_microsoft.iotoperations.mq:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "0.3.0-preview"}, {"cpe23Uri": "cpe:2.3:a:microsoft:azure_arc_extension_microsoft.azure.hybridnetwork:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.0.2620-162", "versionStartIncluding": "1.0.0"}, {"cpe23Uri": "cpe:2.3:a:microsoft:azure_arc_extension_microsoft.openservicemesh:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.2.6", "versionStartIncluding": "1.0.0"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-01-07T19:29Z"}