Описание
Azure Service Fabric for Linux Remote Code Execution Vulnerability
FAQ
According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
An attacker is required to compromise the credential of a victim who has been assigned the role of “Cluster Admin” or “Cluster Operator” by an administrator prior to attempting to exploit the vulnerability.
According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires the attacker or targeted user to have specific elevated privileges. Only users with roles “Cluster Admin” and “Cluster Operator” can access this.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Azure Service Fabric 10.1 for Linux | ||
| Azure Service Fabric 10.0 for Linux | ||
| Azure Service Fabric 9.1 for Linux |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
EPSS
6.6 Medium
CVSS3
Связанные уязвимости
Azure Service Fabric for Linux Remote Code Execution Vulnerability
Azure Service Fabric for Linux Remote Code Execution Vulnerability
Уязвимость платформы распределенных систем Azure Service Fabric, связанная с переполнением буфера в динамической памяти, позволяющая нарушителю выполнить произвольный код
EPSS
6.6 Medium
CVSS3