Multiple vulnerabilities in Microsoft Azure

Описание

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges, execute arbitrary code, spoof user interface.

Below is a complete list of vulnerabilities:

1. An information disclosure vulnerability in Azure Machine Learning Compute Instance can be exploited remotely to obtain sensitive information.
2. An elevation of privilege vulnerability in Azure App Service on Azure Stack Hub can be exploited remotely to gain privileges.
3. A remote code execution vulnerability in Azure Data Box Gateway can be exploited remotely to execute arbitrary code.
4. A spoofing vulnerability in Azure DevOps Server 2022 can be exploited remotely to spoof user interface.

Первичный источник обнаружения

• CVE-2023-23382
  CVE-2023-21777
  CVE-2023-21703
  CVE-2023-21564
  

Связанные продукты

• Microsoft-Edge
• Microsoft-Azure

Список CVE

• CVE-2023-23382
  high
• CVE-2023-21777
  critical
• CVE-2023-21703
  high
• CVE-2023-21564
  high

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com