CVE-2024-37325

2024-06-1117:16:04

CWE-200

microsoft

web.nvd.nist.gov

azure

science vm

elevation

privilege

vulnerability

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

41.9%

JSON

Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerability

Affected configurations

Nvd

Vulners

Node

microsoftazure_data_science_virtual_machineRange<24.05.24linux

VendorProductVersionCPE
microsoftazure_data_science_virtual_machine*cpe:2.3:a:microsoft:azure_data_science_virtual_machine:*:*:*:*:*:linux:*:*

Vendor	Product	Version	CPE
microsoft	azure_data_science_virtual_machine	*	cpe:2.3:a:microsoft:azure_data_science_virtual_machine::::::linux::*

CNA Affected

[
  {
    "vendor": "Microsoft",
    "product": "Azure Data Science Virtual Machines",
    "cpes": [
      "cpe:2.3:o:microsoft:azure_data_science_virtual_machines:*:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "1.0.0",
        "lessThan": "24.05.24",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]