Multiple vulnerabilities in Microsoft Azure

Описание

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Azure Data Studio can be exploited remotely to gain privileges.
2. A spoofing vulnerability in Azure SDK can be exploited remotely to spoof user interface.
3. An elevation of privilege vulnerability in Microsoft Azure Kubernetes Service Confidential Container can be exploited remotely to gain privileges.
4. A remote code execution vulnerability in Open Management Infrastructure (OMI) can be exploited remotely to execute arbitrary code.
5. An elevation of privilege vulnerability in Open Management Infrastructure (OMI) can be exploited remotely to gain privileges.
6. An elevation of privilege vulnerability in Software for Open Networking in the Cloud (SONiC) can be exploited remotely to gain privileges.

Первичный источник обнаружения

• CVE-2024-26203
  CVE-2024-21421
  CVE-2024-21400
  CVE-2024-21334
  CVE-2024-21330
  CVE-2024-21418
  

Эксплуатация

Public exploits exist for this vulnerability.

Связанные продукты

• Microsoft-Azure

Список CVE

• CVE-2024-21334
  critical
• CVE-2024-21330
  critical
• CVE-2024-26203
  high
• CVE-2024-21421
  critical
• CVE-2024-21400
  critical
• CVE-2024-21418
  critical

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com