Kaspersky Threats

Detect date

?

07/12/2022

Severity

?

High

Description

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information.

Below is a complete list of vulnerabilities:

A remote code execution vulnerability in Azure Site Recovery can be exploited remotely to execute arbitrary code.
An elevation of privilege vulnerability in Azure Site Recovery can be exploited remotely to gain privileges.
An information disclosure vulnerability in Azure Storage Library can be exploited remotely to obtain sensitive information.

Affected products

Azure Storage Queues client library for Python
Azure Storage Blobs client library for Java
Azure Site Recovery VMWare to Azure
Azure Storage Queues client library for .NET
Azure Storage Blobs client library for .NET

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2022-33676
CVE-2022-33666
CVE-2022-33660
CVE-2022-33672
CVE-2022-33643
CVE-2022-33667
CVE-2022-33664
CVE-2022-33661
CVE-2022-33658
CVE-2022-33657
CVE-2022-33659
CVE-2022-33673
CVE-2022-30187
CVE-2022-33653
CVE-2022-33669
CVE-2022-33650
CVE-2022-33674
CVE-2022-33665
CVE-2022-33656
CVE-2022-33641
CVE-2022-33642
CVE-2022-33662
CVE-2022-33675
CVE-2022-30181
CVE-2022-33663
CVE-2022-33655
CVE-2022-33671
CVE-2022-33678
CVE-2022-33668
CVE-2022-33654
CVE-2022-33652
CVE-2022-33651
CVE-2022-33677

Impacts

?

ACE

[?]

OSI

[?]

PE

[?]

Related products

Microsoft Azure

CVE-IDS

?

Find out the statistics of the vulnerabilities spreading in your region

Detect date ?	07/12/2022
Severity ?	High
Description	Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: A remote code execution vulnerability in Azure Site Recovery can be exploited remotely to execute arbitrary code. An elevation of privilege vulnerability in Azure Site Recovery can be exploited remotely to gain privileges. An information disclosure vulnerability in Azure Storage Library can be exploited remotely to obtain sensitive information.
Affected products	Azure Storage Queues client library for Python Azure Storage Blobs client library for Java Azure Site Recovery VMWare to Azure Azure Storage Queues client library for .NET Azure Storage Blobs client library for .NET
Solution	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories	CVE-2022-33676 CVE-2022-33666 CVE-2022-33660 CVE-2022-33672 CVE-2022-33643 CVE-2022-33667 CVE-2022-33664 CVE-2022-33661 CVE-2022-33658 CVE-2022-33657 CVE-2022-33659 CVE-2022-33673 CVE-2022-30187 CVE-2022-33653 CVE-2022-33669 CVE-2022-33650 CVE-2022-33674 CVE-2022-33665 CVE-2022-33656 CVE-2022-33641 CVE-2022-33642 CVE-2022-33662 CVE-2022-33675 CVE-2022-30181 CVE-2022-33663 CVE-2022-33655 CVE-2022-33671 CVE-2022-33678 CVE-2022-33668 CVE-2022-33654 CVE-2022-33652 CVE-2022-33651 CVE-2022-33677
Impacts ?	ACE [?] OSI [?] PE [?]
Related products	Microsoft Azure
CVE-IDS ?	CVE-2022-336765.0Critical CVE-2022-336665.0Critical CVE-2022-336605.0Critical CVE-2022-336725.0Critical CVE-2022-336435.0Critical CVE-2022-336675.0Critical CVE-2022-336645.0Critical CVE-2022-336615.0Critical CVE-2022-336585.0Critical CVE-2022-336575.0Critical CVE-2022-336595.0Critical CVE-2022-336735.0Critical CVE-2022-301875.0Critical CVE-2022-336535.0Critical CVE-2022-336695.0Critical CVE-2022-336505.0Critical CVE-2022-336745.0Critical CVE-2022-336655.0Critical CVE-2022-336565.0Critical CVE-2022-336415.0Critical CVE-2022-336425.0Critical CVE-2022-336625.0Critical CVE-2022-336755.0Critical CVE-2022-301815.0Critical CVE-2022-336635.0Critical CVE-2022-336555.0Critical CVE-2022-336715.0Critical CVE-2022-336785.0Critical CVE-2022-336685.0Critical CVE-2022-336545.0Critical CVE-2022-336525.0Critical CVE-2022-336515.0Critical CVE-2022-336775.0Critical
	Find out the statistics of the vulnerabilities spreading in your region

KLA12582Multiple vulnerabilities in Microsoft Azure

KLA12582
Multiple vulnerabilities in Microsoft Azure