Elevation of Privilege Vulnerability Affects Azure Network Watcher VM Extension
CVE-2024-35261

7.8HIGH

Key Information:

Vendor: Microsoft
Status: Azure Network Watcher Vm Extension
Vendor: CVE Published:; 9 July 2024

Summary

The vulnerability within the Azure Network Watcher VM Extension presents a risk of elevation of privilege, potentially allowing malicious actors to gain escalated access permissions. This could lead to unauthorized manipulation of network configurations or sensitive data exposure. Security measures and patches from Microsoft are essential to ensure that affected systems are adequately protected against potential exploitation of this vulnerability.

Affected Version(s)

Azure Network Watcher VM Extension Unknown 1.4.3320.1

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 9, 2024

Collectors

NVD DatabaseMitre DatabaseMicrosoft Feed