Multiple vulnerabilities in Microsoft Azure

Описание

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. A security feature bypass vulnerability in Microsoft On-Prem Data Gateway can be exploited remotely to bypass security restrictions.
2. An information disclosure vulnerability in Azure CLI REST Command can be exploited remotely to obtain sensitive information.
3. A remote code execution vulnerability in Azure DevOps Server can be exploited remotely to execute arbitrary code.
4. A remote code execution vulnerability in Microsoft Host Integration Server 2020 can be exploited remotely to execute arbitrary code.

Первичный источник обнаружения

• CVE-2023-36021
  CVE-2023-36052
  CVE-2023-36437
  CVE-2023-38151
  

Связанные продукты

• Microsoft-Azure

Список CVE

• CVE-2023-36021
  critical
• CVE-2023-36052
  critical
• CVE-2023-36437
  critical
• CVE-2023-38151
  critical

Список KB

• 5032921

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com