Searching
..

Click anywhere to stop

KLA12582
Multiple vulnerabilities in Microsoft Azure

Обновлено: 22/01/2024
Дата обнаружения
12/07/2022
Уровень угрозы
High
Описание

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. A remote code execution vulnerability in Azure Site Recovery can be exploited remotely to execute arbitrary code.
  2. An elevation of privilege vulnerability in Azure Site Recovery can be exploited remotely to gain privileges.
  3. An information disclosure vulnerability in Azure Storage Library can be exploited remotely to obtain sensitive information.
Пораженные продукты

Azure Storage Queues client library for Python
Azure Storage Blobs client library for Java
Azure Site Recovery VMWare to Azure
Azure Storage Queues client library for .NET
Azure Storage Blobs client library for .NET

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2022-33676
CVE-2022-33666
CVE-2022-33660
CVE-2022-33672
CVE-2022-33643
CVE-2022-33667
CVE-2022-33664
CVE-2022-33661
CVE-2022-33658
CVE-2022-33657
CVE-2022-33659
CVE-2022-33673
CVE-2022-30187
CVE-2022-33653
CVE-2022-33669
CVE-2022-33650
CVE-2022-33674
CVE-2022-33665
CVE-2022-33656
CVE-2022-33641
CVE-2022-33642
CVE-2022-33662
CVE-2022-33675
CVE-2022-30181
CVE-2022-33663
CVE-2022-33655
CVE-2022-33671
CVE-2022-33678
CVE-2022-33668
CVE-2022-33654
CVE-2022-33652
CVE-2022-33651
CVE-2022-33677
Оказываемое влияние
?
ACE 
[?]

OSI 
[?]

PE 
[?]
Связанные продукты
Microsoft Azure
CVE-IDS