Azure CycleCloud Remote Code Execution Vulnerability

CVE-2024-43602

9.9CRITICAL

Key Information

Vendor: Microsoft
Status: Azure Cyclecloud; Azure Cyclecloud 8.0.0; Azure Cyclecloud 8.0.1; Azure Cyclecloud 8.6.0
Vendor: CVE Published:; 12 November 2024

Summary

Azure CycleCloud Remote Code Execution Vulnerability

Affected Version(s)

Azure CycleCloud < 8.6.5

Azure CycleCloud < 8.6.5

Azure CycleCloud 8.0.0 < 8.6.5

CVSS V3.1

Score:

9.9

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published.
Nov 12, 2024

Collectors

NVD DatabaseMitre DatabaseMicrosoft Feed

.