Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMicrosoftCVELIST:CVE-2021-42306
HistoryNov 24, 2021 - 1:05 a.m.

CVE-2021-42306 Azure Active Directory Information Disclosure Vulnerability

2021-11-2401:05:13
microsoft
www.cve.org

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C

8.3 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.7%

JSON

CNA Affected

[
  {
    "vendor": "Microsoft",
    "product": "Azure Automation",
    "cpes": [
      "cpe:2.3:a:microsoft:azure_automation:-:*:*:*:*:*:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "1.0.0",
        "lessThan": "publication",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Azure Active Directory",
    "cpes": [],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "N/A",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Azure Site Recovery",
    "cpes": [],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "N/A",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Azure Migrate",
    "cpes": [],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "N/A",
        "status": "affected"
      }
    ]
  }
]

Related

nvd 1
msrc 3
kaspersky 1
prion 1
rapid7blog 1
cve 1
mscve 1
cnvd 1
nvd
nvd
CVE-2021-42306
2021-11-24 01:15:08
msrc
msrc
Guidance for Azure Active Directory (AD) keyCredential property Information Disclosure in Application and Service Principal APIs
2021-11-17 08:00:00
Guidance for Azure Active Directory (AD) keyCredential property Information Disclosure in Application and Service Principal APIs
2021-11-17 20:02:19
Guidance for Azure Active Directory (AD) keyCredential property Information Disclosure in Application and Service Principal APIs
2021-11-17 08:00:00
kaspersky
kaspersky
KLA12348 OSI vulnerability in Microsoft Azure
2021-11-17 00:00:00
prion
prion
Information disclosure
2021-11-24 01:15:00
rapid7blog
rapid7blog
[Security Nation] Chris Levendis and Lisa Olson on Cloud CVEs
2022-09-14 19:00:00
cve
cve
CVE-2021-42306
2021-11-24 01:15:08
mscve
mscve
Azure Active Directory Information Disclosure Vulnerability
2021-11-17 08:00:00
cnvd
cnvd
Microsoft Azure Information Disclosure Vulnerability (CNVD-2021-100792)
2021-11-22 00:00:00

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C

8.3 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.7%

JSON
Related for CVELIST:CVE-2021-42306
nvd1msrc3kaspersky1prion1rapid7blog1cve1mscve1cnvd1