Multiple vulnerabilities in Microsoft Azure

Description

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Azure Arc-enabled Kubernetes cluster Connect can be exploited remotely to gain privileges.
2. An elevation of privilege vulnerability in StorSimple 8000 Series can be exploited remotely to gain privileges.
3. A spoofing vulnerability in Service Fabric Explorer can be exploited remotely to spoof user interface.

Original advisories

• CVE-2022-37968

• CVE-2022-38017
• CVE-2022-35829

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

• Microsoft-Edge
• Microsoft-Azure

CVE list

• CVE-2022-37968
  critical
• CVE-2022-38017
  high
• CVE-2022-35829
  warning

KB list

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com