Lucene search
China National Vulnerability DatabaseCNVD-2022-67843HistoryAug 12, 2022 - 12:00 a.m.
Microsoft Azure Site Recovery Elevation of Privilege Vulnerability (CNVD-2022-67843)
2022-08-1200:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Microsoft Azure Site Recovery (ASR) is a DRaaS provided by Azure for cloud and hybrid cloud architectures. Microsoft Azure Site Recovery suffers from an elevation of privilege vulnerability. An attacker could exploit this vulnerability to elevate privileges.
| CPE | Name | Operator | Version |
|---|---|---|---|
| Microsoft Azure Site Recovery VMWare to Azure <9. | eq | 50.6419.1 |
Related
prion
prion
Privilege escalation
2022-08-09 20:15:00
cve
cve
CVE-2022-35802
2022-08-09 20:15:00
cvelist
cvelist
Azure Site Recovery Elevation of Privilege Vulnerability
2022-08-09 20:08:24
mscve
mscve
Azure Site Recovery Elevation of Privilege Vulnerability
2022-08-09 07:00:00
nessus
nessus
Security Updates for Microsoft Azure Site Recovery (August 2022)
2022-08-30 00:00:00
kaspersky
kaspersky
KLA12604 Multiple vulnerabilities in Microsoft Azure
2022-08-09 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - August 2022
2022-08-09 19:34:51
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Related for CNVD-2022-67843