Multiple vulnerabilities in Microsoft Azure

Описание

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Microsoft Azure Kubernetes Service Confidential Container can be exploited remotely to gain privileges.
2. A remote code execution vulnerability in Azure Migrate can be exploited remotely to execute arbitrary code.
3. A denial of service vulnerability in Azure Private 5G Core can be exploited remotely to cause denial of service.
4. An elevation of privilege vulnerability in Azure Compute Gallery can be exploited remotely to gain privileges.
5. An elevation of privilege vulnerability in Azure Monitor Agent can be exploited remotely to gain privileges.
6. An elevation of privilege vulnerability in Azure Arc-enabled Kubernetes Extension Cluster-Scope can be exploited remotely to gain privileges.
7. An information disclosure vulnerability in Azure AI Search can be exploited remotely to obtain sensitive information.
8. An information disclosure vulnerability in Azure Identity Library for .NET can be exploited remotely to obtain sensitive information.
9. An elevation of privilege vulnerability in Azure CycleCloud can be exploited remotely to gain privileges.

Первичный источник обнаружения

• CVE-2024-29990
  CVE-2024-26193
  CVE-2024-20685
  CVE-2024-21424
  CVE-2024-29989
  CVE-2024-28917
  CVE-2024-29063
  CVE-2024-29992
  CVE-2024-29993
  

Связанные продукты

• Microsoft-Azure
• .NET

Список CVE

• CVE-2024-29990
  critical
• CVE-2024-26193
  high
• CVE-2024-20685
  high
• CVE-2024-21424
  high
• CVE-2024-29989
  high
• CVE-2024-28917
  high
• CVE-2024-29063
  high
• CVE-2024-29992
  high
• CVE-2024-29993
  high

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com