Kaspersky Threats

Detect date

?

11/14/2023

Severity

?

Critical

Description

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information, execute arbitrary code.

Below is a complete list of vulnerabilities:

A security feature bypass vulnerability in Microsoft On-Prem Data Gateway can be exploited remotely to bypass security restrictions.
An information disclosure vulnerability in Azure CLI REST Command can be exploited remotely to obtain sensitive information.
A remote code execution vulnerability in Azure DevOps Server can be exploited remotely to execute arbitrary code.
A remote code execution vulnerability in Microsoft Host Integration Server 2020 can be exploited remotely to execute arbitrary code.

Affected products

az staticwebapp appsettings delete
az staticwebapp appsettings set
Microsoft OLE DB Provider for DB2 V7
az logicapp config appsettings delete
az webapp config appsettings set
az functionapp config appsettings delete
az webapp config appsettings delete
Host Integration Server 2020
Azure Pipelines Agent
az logicapp config appsettings set
az functionapp config appsettings set
On-Prem Data Gateway

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2023-36021
CVE-2023-36052
CVE-2023-36437
CVE-2023-38151

Impacts

?

ACE

[?]

OSI

[?]

SB

[?]

Detect date ?	11/14/2023
Severity ?	Critical
Description	Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information, execute arbitrary code. Below is a complete list of vulnerabilities: A security feature bypass vulnerability in Microsoft On-Prem Data Gateway can be exploited remotely to bypass security restrictions. An information disclosure vulnerability in Azure CLI REST Command can be exploited remotely to obtain sensitive information. A remote code execution vulnerability in Azure DevOps Server can be exploited remotely to execute arbitrary code. A remote code execution vulnerability in Microsoft Host Integration Server 2020 can be exploited remotely to execute arbitrary code.
Affected products	az staticwebapp appsettings delete az staticwebapp appsettings set Microsoft OLE DB Provider for DB2 V7 az logicapp config appsettings delete az webapp config appsettings set az functionapp config appsettings delete az webapp config appsettings delete Host Integration Server 2020 Azure Pipelines Agent az logicapp config appsettings set az functionapp config appsettings set On-Prem Data Gateway
Solution	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories	CVE-2023-36021 CVE-2023-36052 CVE-2023-36437 CVE-2023-38151
Impacts ?	ACE [?] OSI [?] SB [?]
Related products	Microsoft Azure
CVE-IDS ?	CVE-2023-360218.0Critical CVE-2023-360528.6Critical CVE-2023-364378.8Critical CVE-2023-381518.8Critical
KB list	5032921
	Find out the statistics of the vulnerabilities spreading in your region

KLA61977Multiple vulnerabilities in Microsoft Azure

KLA61977
Multiple vulnerabilities in Microsoft Azure