KLA20004
Multiple vulnerabilities in Microsoft Azure

Обновлено: 13/05/2023

Дата обнаружения	11/10/2022
Уровень угрозы	Critical
Описание	Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface. Below is a complete list of vulnerabilities: An elevation of privilege vulnerability in Azure Arc-enabled Kubernetes cluster Connect can be exploited remotely to gain privileges. An elevation of privilege vulnerability in StorSimple 8000 Series can be exploited remotely to gain privileges. A spoofing vulnerability in Service Fabric Explorer can be exploited remotely to spoof user interface.
Эксплуатация	Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Пораженные продукты	Azure Service Fabric Explorer Azure Arc-enabled Kubernetes cluster 1.8.11 Azure StorSimple 8000 Series Azure Arc-enabled Kubernetes cluster 1.5.8 Azure Arc-enabled Kubernetes cluster 1.7.18 Azure Arc-enabled Kubernetes cluster 1.6.19 Azure Stack Edge
Решение	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Первичный источник обнаружения	CVE-2022-37968 CVE-2022-38017 CVE-2022-35829
Оказываемое влияние ?	PE [?] SUI [?]
Связанные продукты	Microsoft Edge Microsoft Azure
CVE-IDS	CVE-2022-379685.0Critical CVE-2022-380175.0Critical CVE-2022-358295.0Critical

KLA20004Multiple vulnerabilities in Microsoft Azure

KLA20004
Multiple vulnerabilities in Microsoft Azure