Описание
Azure Stack Hub Elevation of Privilege Vulnerability
FAQ
According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?
This vulnerability could lead to the attacker gaining the ability to interact with other tenant’s applications and content.
What privileges could an attacker gain with a successful exploitation?
An attacker who successfully exploited this vulnerability could gain unauthorized access to system resources, potentially allowing them to perform actions with the same privileges as the compromised process.
This could lead to further system compromise and unauthorized actions within the network.
According to the CVSS metric, user interaction is required (UI:R) and privileges required are low (PR:L). What does that mean for this vulnerability?
An authenticated attacker must wait for a victim user to initiate a connection.
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
9 Critical
CVSS3
Связанные уязвимости
Azure Stack Hub Elevation of Privilege Vulnerability
EPSS
9 Critical
CVSS3