Описание
Partner.Microsoft.Com Elevation of Privilege Vulnerability
An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network.
FAQ
Why is no action required to install this update?
This CVE addresses a vulnerability in the Microsoft Power Apps online version only. As such, customers do not need to take any action because releases are rolled out automatically over several days. For more information about the releases for Microsoft Power Apps see What's new in Power Apps?.
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
EPSS
8.7 High
CVSS3
Связанные уязвимости
An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network.
An improper access control vulnerability in Partner.Microsoft.com allows an a unauthenticated attacker to elevate privileges over a network.
Уязвимость программной платформы Microsoft Partner Center, связанная с небезопасным управлением привилегиями, позволяющая нарушителю повысить свои привилегии
EPSS
8.7 High
CVSS3