Описание
Azure Connected Machine Agent Elevation of Privilege Vulnerability
External control of file name or path in Azure Arc allows an authorized attacker to elevate privileges locally.
FAQ
**What privileges could be gained by an attacker who successfully exploited this vulnerability? **
An attacker can deploy VM Extensions on compromised Servers
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Azure Connected Machine Agent |
Показывать по
10
Возможность эксплуатации
Publicly Disclosed
No
Exploited
No
Latest Software Release
Exploitation Unlikely
EPSS
Процентиль: 26%
0.00089
Низкий
7.8 High
CVSS3
Связанные уязвимости
CVSS3: 7.8
nvd
8 дней назад
External control of file name or path in Azure Arc allows an authorized attacker to elevate privileges locally.
CVSS3: 7.8
github
8 дней назад
External control of file name or path in Azure Arc allows an authorized attacker to elevate privileges locally.
EPSS
Процентиль: 26%
0.00089
Низкий
7.8 High
CVSS3