| 제목 | Azure 2026-03-17 Incorrect Privilege Assignment |
|---|
| 설명 | Azure Backup for AKS incorrectly enables cluster-admin Trusted Access for any principal with Backup Contributor—a role with no Kubernetes access—allowing full cluster compromise without kubectl or RBAC permissions.
CERT/CC independently validated this vulnerability as VU#284781 on 2026-04-16.
Attack chain: (1) Attacker has Backup Contributor on backup vault, (2) enables backup on target AKS cluster, (3) Azure auto-grants Trusted Access with cluster-admin equivalent, (4) attacker extracts secrets via backup or restores malicious workloads.
Microsoft silently patched this vulnerability without assigning a CVE, publishing a security advisory, or notifying customers. Evidence of patch: new error messages and permission requirements that did not exist during original testing.
CVSS 3.1: 9.9 Critical (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H) |
|---|
| 원천 | ⚠️ https://olearysec.com/research/azure-backup-aks-silent-patch |
|---|
| 사용자 | olearysec (UID 98242) |
|---|
| 제출 | 2026. 05. 13. PM 05:49 (23 날 ago) |
|---|
| 모더레이션 | 2026. 06. 01. PM 03:51 (19 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 367647 [Microsoft Azure Backup for AKS 2026-03-17 권한 상승] |
|---|
| 포인트들 | 20 |
|---|