Azure Stack Hub Elevation of Privilege Vulnerability
CVE-2024-38201

7HIGH

Key Information:

Vendor: Microsoft
Status: Azure Stack Hub
Vendor: CVE Published:; 13 August 2024

Summary

The vulnerability presents an elevation of privilege issue within Azure Stack Hub, impacting the integrity of user permissions. An attacker with access to the affected system may exploit this vulnerability to gain elevated access rights that would allow them to execute commands and access restricted areas of the environment. This exploitation can compromise sensitive information and potentially disrupt operations. Users are encouraged to review security measures and updates addressing this vulnerability to mitigate associated risks.

Affected Version(s)

Azure Stack Hub Unknown 1.0.0 < 1.2311.1.22

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Aug 13, 2024
Vulnerability Reserved
Jun 11, 2024

Collectors

NVD DatabaseMitre DatabaseMicrosoft Feed