Azure CycleCloud Elevation of Privilege Vulnerability
CVE-2022-41085

7.5HIGH

Key Information:

Vendor

Microsoft
Status
Azure Cyclecloud 8.0.0
Azure Cyclecloud 7
Vendor
CVE Published:
9 November 2022

What is CVE-2022-41085?

Azure CycleCloud Elevation of Privilege Vulnerability

Affected Version(s)

Azure CycleCloud 7 Unknown 7.0 < 7.9.11

Azure CycleCloud 8.0.0 Unknown 8.0.0 < 8.3.0

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.