Lucene search
MicrosoftMS:CVE-2024-38175HistoryAug 20, 2024 - 7:00 a.m.
Azure Managed Instance for Apache Cassandra Elevation of Privilege Vulnerability
2024-08-2007:00:00
Microsoft
msrc.microsoft.com
6
azure
access control
apache cassandra
elevation
privileges
network
CVSS3
9.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
AI Score
6.8
Confidence
Low
EPSS
0.001
Percentile
20.2%
An improper access control vulnerability in the Azure Managed Instance for Apache Cassandra allows an authenticated attacker to elevate privileges over a network.
Affected configurations
Node
microsoftazure_sdk_for_.netRange<XXX
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | azure_sdk_for_.net | * | cpe:2.3:a:microsoft:azure_sdk_for_.net:*:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2024-38175
2024-08-20 19:15:09
kaspersky
kaspersky
KLA71710 PE vulnerability in Microsoft Azure
2024-08-20 00:00:00
vulnrichment
vulnrichment
cve
cve
CVE-2024-38175
2024-08-20 19:15:09
cvelist
cvelist
CVSS3
9.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
AI Score
6.8
Confidence
Low
EPSS
0.001
Percentile
20.2%
Related for MS:CVE-2024-38175