Multiple vulnerabilities in Microsoft Azure

Descrição

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. A security feature bypass vulnerability in Microsoft On-Prem Data Gateway can be exploited remotely to bypass security restrictions.
2. An information disclosure vulnerability in Azure CLI REST Command can be exploited remotely to obtain sensitive information.
3. A remote code execution vulnerability in Azure DevOps Server can be exploited remotely to execute arbitrary code.
4. A remote code execution vulnerability in Microsoft Host Integration Server 2020 can be exploited remotely to execute arbitrary code.

Comunicados originais

• CVE-2023-36021

• CVE-2023-36052
• CVE-2023-36437
• CVE-2023-38151

Produtos relacionados

• Microsoft-Azure

Lista de CVE

• CVE-2023-36021
  critical
• CVE-2023-36052
  critical
• CVE-2023-36437
  critical
• CVE-2023-38151
  critical

Lista de KB

• 5032921

Saiba mais

Descubra as estatísticas das vulnerabilidades que se espalham em sua região statistics.securelist.com