Azure Service Connector Security Feature Bypass Vulnerability
CVE-2023-28300

7.5HIGH

Key Information:

Vendor: Microsoft
Status: Azure Service Connector
Vendor: CVE Published:; 11 April 2023

Summary

The vulnerability in Azure Service Connector allows remote attackers to bypass security features, potentially exposing sensitive data and leading to unauthorized access. This flaw emphasizes the importance of timely updates and security practices to mitigate risk. Organizations using affected versions of Azure Service Connector should apply available patches to ensure their systems remain secure.

Affected Version(s)

Azure Service Connector Unknown 0.0.0 < 0.3.0

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 11, 2023
Vulnerability Reserved
Mar 13, 2023