Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA12508
HistoryApr 12, 2022 - 12:00 a.m.

KLA12508 Multiple vulnerabilities in Microsoft Azure

2022-04-1200:00:00
Kaspersky Lab
threats.kaspersky.com
5

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.1 Medium

AI Score

Confidence

High

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.01 Low

EPSS

Percentile

83.8%

JSON

Detect date:

04/12/2022

Severity:

High

Description:

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to obtain sensitive information.

Affected products:

Azure SDK for .Net

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2022-26896
CVE-2022-26897
CVE-2022-26907
CVE-2022-26898

Impacts:

ACE

Related products:

Microsoft Azure

CVE-IDS:

CVE-2022-268964.9Warning
CVE-2022-268974.9Warning
CVE-2022-269075.3High
CVE-2022-268987.2High

Microsoft official advisories:

Related

nessus 1
prion 4
github 1
mscve 4
cve 4
cvelist 4
cnvd 3
osv 1
ibm 1
rapid7blog 1
nessus
nessus
Security Updates for Microsoft Azure Site Recovery (April 2022)
2022-08-30 00:00:00
prion
prion
Information disclosure
2022-04-15 19:15:00
Information disclosure
2022-04-15 19:15:00
Remote code execution
2022-04-15 19:15:00
github
github
Azure SDK for .NET Information Disclosure Vulnerability.
2022-04-16 00:00:28
mscve
mscve
Azure SDK for .NET Information Disclosure Vulnerability
2022-04-12 08:00:00
Azure Site Recovery Information Disclosure Vulnerability
2022-04-12 08:00:00
Azure Site Recovery Information Disclosure Vulnerability
2022-04-12 08:00:00
cve
cve
CVE-2022-26907
2022-04-15 19:15:00
CVE-2022-26896
2022-04-15 19:15:00
CVE-2022-26897
2022-04-15 19:15:00
cvelist
cvelist
CVE-2022-26907 Azure SDK for .NET Information Disclosure Vulnerability
2022-04-15 19:05:43
CVE-2022-26897 Azure Site Recovery Information Disclosure Vulnerability
2022-04-15 19:05:35
CVE-2022-26896 Azure Site Recovery Information Disclosure Vulnerability
2022-04-15 19:05:33
cnvd
cnvd
Microsoft Azure Site Recovery Information Disclosure Vulnerability (CNVD-2022-56588)
2022-04-15 00:00:00
Microsoft Azure Site Recovery信息泄露漏洞
2022-04-15 00:00:00
Microsoft Azure Site Recovery Remote Code Execution Vulnerability
2022-04-15 00:00:00
osv
osv
Azure SDK for .NET Information Disclosure Vulnerability.
2022-04-16 00:00:28
ibm
ibm
Security Bulletin: A vulnerability in Microsoft Azure SDK for .NET affects IBM Robotic Process Automation and could allow a remote authenticated attacker to obtain sensitive information (CVE-2022-26907).
2023-08-31 14:52:23
rapid7blog
rapid7blog
Patch Tuesday - April 2022
2022-04-12 18:48:11

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

6.1 Medium

AI Score

Confidence

High

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.01 Low

EPSS

Percentile

83.8%

JSON
Related for KLA12508
nessus1prion4github1mscve4cve4cvelist4cnvd3osv1ibm1rapid7blog1