Elevation of Privilege Vulnerability Affects Azure Data Studio
CVE-2024-26203

7.3HIGH

Key Information:

Vendor: Microsoft
Status: Azure Data Studio
Vendor: CVE Published:; 12 March 2024

What is CVE-2024-26203?

A security vulnerability exists in Azure Data Studio that allows an attacker to elevate privileges, potentially leading to unauthorized access to sensitive data and system resources. This vulnerability highlights the importance of applying the latest security patches and updates to mitigate risks associated with privilege escalation attacks.

Affected Version(s)

Azure Data Studio Unknown 1.0.0 < 1.48.0

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 12, 2024
Vulnerability Reserved
Feb 14, 2024

Microsoft

What is CVE-2024-26203?

Affected Version(s)

References

CVSS V3.1

Timeline