Количество 4
Количество 4
CVE-2025-24989
An improper access control vulnerability in Power Pages allows an unauthorized attacker to elevate privileges over a network potentially bypassing the user registration control. This vulnerability has already been mitigated in the service and all affected customers have been notified. This update addressed the registration control bypass. Affected customers have been given instructions on reviewing their sites for potential exploitation and clean up methods. If you've not been notified this vulnerability does not affect you.
CVE-2025-24989
Microsoft Power Pages Elevation of Privilege Vulnerability
GHSA-pxjr-976r-24r6
An improper access control vulnerability in Power Pages allows an unauthorized attacker to elevate privileges over a network potentially bypassing the user registration control. This vulnerability has already been mitigated in the service and all affected cusomters have been notified. This update addressed the registration control bypass. Affected customers have been given instructions on reviewing their sites for potential exploitation and clean up methods. If you've not been notified this vulnerability does not affect you.
BDU:2025-01958
Уязвимость программного обеспечения создания веб-сайтов Microsoft Power Pages, связанная с ошибками разграничения доступа, позволяющая нарушителю повысить свои привилегии
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-24989 An improper access control vulnerability in Power Pages allows an unauthorized attacker to elevate privileges over a network potentially bypassing the user registration control. This vulnerability has already been mitigated in the service and all affected customers have been notified. This update addressed the registration control bypass. Affected customers have been given instructions on reviewing their sites for potential exploitation and clean up methods. If you've not been notified this vulnerability does not affect you. | CVSS3: 8.2 | 13% Средний | 6 месяцев назад |
 | CVE-2025-24989 Microsoft Power Pages Elevation of Privilege Vulnerability | 13% Средний | 6 месяцев назад | |
| GHSA-pxjr-976r-24r6 An improper access control vulnerability in Power Pages allows an unauthorized attacker to elevate privileges over a network potentially bypassing the user registration control. This vulnerability has already been mitigated in the service and all affected cusomters have been notified. This update addressed the registration control bypass. Affected customers have been given instructions on reviewing their sites for potential exploitation and clean up methods. If you've not been notified this vulnerability does not affect you. | CVSS3: 8.2 | 13% Средний | 6 месяцев назад |
 | BDU:2025-01958 Уязвимость программного обеспечения создания веб-сайтов Microsoft Power Pages, связанная с ошибками разграничения доступа, позволяющая нарушителю повысить свои привилегии | CVSS3: 8.2 | 13% Средний | 6 месяцев назад |
Уязвимостей на страницу