KLA20234
Multiple vulnerabilities in Microsoft Azure

Обновлено: 29/09/2023

Дата обнаружения	14/02/2023
Уровень угрозы	High
Описание	Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: An information disclosure vulnerability in Azure Machine Learning Compute Instance can be exploited remotely to obtain sensitive information. An elevation of privilege vulnerability in Azure App Service on Azure Stack Hub can be exploited remotely to gain privileges. A remote code execution vulnerability in Azure Data Box Gateway can be exploited remotely to execute arbitrary code. A spoofing vulnerability in Azure DevOps Server 2022 can be exploited remotely to spoof user interface.
Пораженные продукты	Azure App Service on Azure Stack Hub Azure Data Box Gateway Azure Stack Edge Azure DevOps Server 2022 Azure Machine Learning
Решение	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Первичный источник обнаружения	CVE-2023-23382 CVE-2023-21777 CVE-2023-21703 CVE-2023-21564
Оказываемое влияние ?	ACE [?] OSI [?] SB [?] PE [?] SUI [?]
Связанные продукты	Microsoft Edge Microsoft Azure
CVE-IDS	CVE-2023-233825.0Warning CVE-2023-217775.0Warning CVE-2023-217035.0Warning CVE-2023-215645.0Warning

KLA20234Multiple vulnerabilities in Microsoft Azure

KLA20234
Multiple vulnerabilities in Microsoft Azure