CVE-2023-28300

2023-04-1121:15:27

CWE-284

[email protected]

web.nvd.nist.gov

cve-2023-28300

azure

service connector

security

feature bypass

vulnerability

nvd

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.9

Confidence

High

EPSS

0.002

Percentile

55.4%

JSON

Azure Service Connector Security Feature Bypass Vulnerability

Affected configurations

Vulners

NVD

Node

microsoftazure_service_connectorMatch-

VendorProductVersionCPE
microsoftazure_service_connector*cpe:2.3:a:microsoft:azure_service_connector:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	azure_service_connector	*	cpe:2.3:a:microsoft:azure_service_connector::::::::

CNA Affected

[
  {
    "vendor": "Microsoft",
    "product": "Azure Service Connector",
    "cpes": [
      "cpe:2.3:a:microsoft:azure_service_connector:-:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "0.0.0",
        "lessThan": "0.3.0",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]