Multiple vulnerabilities in Microsoft Azure

Описание

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Azure Identity SDK can be exploited remotely to execute arbitrary code.
2. A remote code execution vulnerability in Azure RTOS GUIX Studio can be exploited remotely to execute arbitrary code.
3. An elevation of privilege vulnerability in Azure HDInsight Apache Oozie Workflow Scheduler can be exploited remotely to gain privileges.
4. An elevation of privilege vulnerability in Azure DevOps Server can be exploited remotely to gain privileges.
5. An elevation of privilege vulnerability in Azure Network Watcher VM Agent can be exploited remotely to gain privileges.

Первичный источник обнаружения

• CVE-2023-36415
  CVE-2023-36418
  CVE-2023-36419
  CVE-2023-36414
  CVE-2023-36561
  CVE-2023-36737
  

Связанные продукты

• Microsoft-Azure
• .NET

Список CVE

• CVE-2023-36561
  high
• CVE-2023-36415
  critical
• CVE-2023-36418
  critical
• CVE-2023-36419
  critical
• CVE-2023-36414
  critical
• CVE-2023-36737
  critical

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com