Multiple vulnerabilities in Microsoft Azure

Описание

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Microsoft Identity Linux Broker can be exploited remotely to execute arbitrary code.
2. A remote code execution vulnerability in Azure DevOps Server can be exploited remotely to gain privileges.
3. An elevation of privilege vulnerability in Azure HDInsight Apache Ambari can be exploited remotely to gain privileges.
4. An elevation of privilege vulnerability in Microsoft Azure Kubernetes Service can be exploited remotely to gain privileges.
5. A remote code execution vulnerability in Azure DevOps Server can be exploited remotely to execute arbitrary code.

Первичный источник обнаружения

• CVE-2023-36736
  CVE-2023-38155
  CVE-2023-38156
  CVE-2023-29332
  CVE-2023-33136
  

Связанные продукты

• Microsoft-Azure

Список CVE

• CVE-2023-38155
  critical
• CVE-2023-33136
  critical
• CVE-2023-36736
  warning
• CVE-2023-38156
  high
• CVE-2023-29332
  critical

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com