Description
Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability
FAQ
What privileges could be gained by an attacker who successfully exploited this vulnerability?
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires the attacker to be assigned the role of “Security Admin” or “Contributor”.
According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?
The vulnerability enables an attacker to run specific Azure CLI commands to perform service management operations or deploy other Azure resources in the victim's subscription.
How could an attacker exploit the vulnerability?
An attacker assigned the role of "Security Admin" or "Contributor" in the target environment could run specific Azure CLI commands that result in certain service management operations being performed with System level permissions in Azure Defender for Cloud. An attacker could use this vulnerability to deploy or manage Defender for Cloud resources they are not permitted to access.
Updates
| Product | Article | Update |
|---|---|---|
| Azure CLI | | |
| Azure Service Connector | | |
Exploitability
Publicly Disclosed
Exploited
Latest Software Release
EPSS
CVSS3: 8.7 High
Related vulnerabilities
Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability
Vulnerability in the Azure Service Connector command-line interface (CLI) that allows an attacker to elevate their privileges