Multiple vulnerabilities in Microsoft Azure

Description

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Azure Monitor Agent can be exploited remotely to gain privileges.
2. An elevation of privilege vulnerability in Azure Command Line Integration (CLI) can be exploited remotely to gain privileges.
3. A remote code execution vulnerability in Azure Service Fabric for Linux can be exploited remotely to execute arbitrary code.
4. An elevation of privilege vulnerability in Azure Stack Hyperconverged Infrastructure (HCI) can be exploited remotely to gain privileges.

Original advisories

• CVE-2024-38097

• CVE-2024-43591
• CVE-2024-43480
• CVE-2024-38179

Related products

• Microsoft-Azure

CVE list

• CVE-2024-38097
  high
• CVE-2024-43591
  critical
• CVE-2024-43480
  high
• CVE-2024-38179
  critical

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com