KLA12508
Multiple vulnerabilities in Microsoft Azure

Обновлено: 14/04/2022
Дата обнаружения
12/04/2022
Уровень угрозы
High
Описание

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. An information disclosure vulnerability in Azure Site Recovery can be exploited remotely to obtain sensitive information.
  2. An information disclosure vulnerability in Azure SDK for .NET can be exploited remotely to obtain sensitive information.
  3. A remote code execution vulnerability in Azure Site Recovery can be exploited remotely to execute arbitrary code.
Пораженные продукты

Azure SDK for .Net

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2022-26896
CVE-2022-26897
CVE-2022-26907
CVE-2022-26898
Оказываемое влияние
?
OSI 
[?]
Связанные продукты
Microsoft Azure
CVE-IDS
CVE-2022-268965.0Critical
CVE-2022-268975.0Critical
CVE-2022-269075.0Critical
CVE-2022-268985.0Critical
Узнай статистику распространения уязвимостей в твоем регионе