Elevated Privileges Through Improper Authorization in Azure Web Apps
CVE-2024-38194
8.4HIGH
Summary
An authenticated attacker can exploit an improper authorization vulnerability in Azure Web Apps to elevate privileges over a network.
Affected Version(s)
Azure Web Apps =
CVSS V3.1
Score:
8.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Changed
Timeline
Risk change from: 9.9 to: 8.4 - (HIGH)
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre DatabaseMicrosoft Feed