The vulnerability of the Azure Data Studio software for data development and management, which involves connecting to cloud and local databases, stems from lack of access control mechanisms. This allows attackers to exploit their privileges.

🗓️ 19 Mar 2024 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

Azure Data Studio has access control deficiencies allowing privilege elevation via cloud and local databases.

Reporter	Title	Published	Views	Family All 14
CNNVD	Microsoft Azure Data Studio Security Vulnerability	12 Mar 202400:00	–	cnnvd
CVE	CVE-2024-26203	12 Mar 202416:57	–	cve
Cvelist	CVE-2024-26203 Azure Data Studio Elevation of Privilege Vulnerability	12 Mar 202416:57	–	cvelist
EUVD	EUVD-2024-23479	3 Oct 202520:07	–	euvd
Kaspersky	KLA65131 Multiple vulnerabilities in Microsoft Azure	12 Mar 202400:00	–	kaspersky
Tenable Nessus	Microsoft Azure Data Studio < 1.48.0 Elevation of Privilege Vulnerability (CVE-2024-26203)	15 Mar 202400:00	–	nessus
Microsoft CVE	Azure Data Studio Elevation of Privilege Vulnerability	12 Mar 202407:00	–	mscve
NCSC	Vulnerabilities fixed in Microsoft Azure	12 Mar 202400:00	–	ncsc
NVD	CVE-2024-26203	12 Mar 202417:15	–	nvd
OSV	CVE-2024-26203	12 Mar 202417:15	–	osv

Vulners

Node

microsoft azure_data_studioRange<1.48.0

Source	Link
msrc	www.msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-26203
vuldb	www.vuldb.com/
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB20240312313
web	www.web.nvd.nist.gov/view/vuln/detail

19 Mar 2024 00:00Current

7.3High risk

Vulners AI Score7.3

CVSS 26.8

CVSS 37.3

EPSS0.00485

Azure Data Studio access control privilege elevation cloud databases local databases