Multiple vulnerabilities in Microsoft Azure

Description

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Azure CycleCloud can be exploited remotely to execute arbitrary code.
2. An elevation of privilege vulnerability in Azure Stack Hub can be exploited remotely to gain privileges.
3. An elevation of privilege vulnerability in Azure Web Apps can be exploited remotely to gain privileges.
4. An elevation of privilege vulnerability in Azure Network Watcher VM Agent can be exploited remotely to gain privileges.

Original advisories

• CVE-2024-43469

• CVE-2024-38216
• CVE-2024-38194
• CVE-2024-38220
• CVE-2024-38188
• CVE-2024-43470

Related products

• Microsoft-Windows
• Microsoft-Azure

CVE list

• CVE-2024-43469
  critical
• CVE-2024-38216
  critical
• CVE-2024-38194
  critical
• CVE-2024-38220
  critical
• CVE-2024-38188
  high
• CVE-2024-43470
  high

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com