Lucene search
China National Vulnerability DatabaseCNVD-2022-67841HistoryAug 12, 2022 - 12:00 a.m.
Microsoft Azure Site Recovery Elevation of Privilege Vulnerability (CNVD-2022-67841)
2022-08-1200:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Microsoft Azure Site Recovery (ASR) is a DRaaS provided by Azure for cloud and hybrid cloud architectures. Microsoft Azure Site Recovery suffers from an elevation of privilege vulnerability. An attacker could exploit this vulnerability to elevate privileges.
| CPE | Name | Operator | Version |
|---|---|---|---|
| Microsoft Azure Site Recovery VMWare to Azure <9. | eq | 50.6419.1 |
Related
mscve
mscve
Azure Site Recovery Elevation of Privilege Vulnerability
2022-08-09 07:00:00
prion
prion
Privilege escalation
2022-08-09 20:15:00
cve
cve
CVE-2022-35780
2022-08-09 20:15:00
nessus
nessus
Security Updates for Microsoft Azure Site Recovery (August 2022)
2022-08-30 00:00:00
kaspersky
kaspersky
KLA12604 Multiple vulnerabilities in Microsoft Azure
2022-08-09 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - August 2022
2022-08-09 19:34:51
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Related for CNVD-2022-67841