Description
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, obtain sensitive information.
Below is a complete list of vulnerabilities:
- An elevation of privilege vulnerability in Microsoft Azure Kubernetes Service Confidential Container can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Azure Migrate can be exploited remotely to execute arbitrary code.
- A denial of service vulnerability in Azure Private 5G Core can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Azure Compute Gallery can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Azure Monitor Agent can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Azure Arc-enabled Kubernetes Extension Cluster-Scope can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Azure AI Search can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Azure Identity Library for .NET can be exploited remotely to obtain sensitive information.
- An elevation of privilege vulnerability in Azure CycleCloud can be exploited remotely to gain privileges.
Original advisories
- CVE-2024-26193
- CVE-2024-20685
- CVE-2024-21424
- CVE-2024-29989
- CVE-2024-28917
- CVE-2024-29063
- CVE-2024-29992
- CVE-2024-29993
Related products
CVE list
- CVE-2024-29990 critical
- CVE-2024-26193 high
- CVE-2024-20685 high
- CVE-2024-21424 high
- CVE-2024-29989 critical
- CVE-2024-28917 high
- CVE-2024-29063 high
- CVE-2024-29992 high
- CVE-2024-29993 critical
KB list
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!