Azure Managed Instance for Apache Cassandra Elevation of Privilege Vulnerability
CVE-2024-38175
9.6CRITICAL
Key Information
- Vendor
- Microsoft
- Status
- Azure Managed Instance For Apache Cassandra
- Vendor
- CVE Published:
- 20 August 2024
Summary
An improper access control vulnerability in the Azure Managed Instance for Apache Cassandra allows an authenticated attacker to elevate privileges over a network.
Affected Version(s)
Azure Managed Instance for Apache Cassandra < 1.0.0
CVSS V3.1
Score:
9.6
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published.
Collectors
NVD DatabaseMitre DatabaseMicrosoft Feed