Lucene search
MicrosoftMS:CVE-2024-43477HistoryAug 22, 2024 - 7:00 a.m.
Microsoft Entra ID Elevation of Privilege Vulnerability
2024-08-2207:00:00
Microsoft
msrc.microsoft.com
6
access control
unauthenticated attacker
verifiable ids
decentralized identity services
elevation of privilege
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
17.8%
Improper access control in Decentralized Identity Services resulted in a vulnerability that allows an unauthenticated attacker to disable Verifiable ID’s on another tenant.
Related
vulnrichment
vulnrichment
CVE-2024-43477 Microsoft Entra ID Elevation of Privilege Vulnerability
2024-08-23 01:14:09
nvd
nvd
CVE-2024-43477
2024-08-23 02:15:07
kaspersky
kaspersky
KLA71828 PE vulnerability in Microsoft Azure
2024-08-22 00:00:00
cvelist
cvelist
CVE-2024-43477 Microsoft Entra ID Elevation of Privilege Vulnerability
2024-08-23 01:14:09
cve
cve
CVE-2024-43477
2024-08-23 02:15:07
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
17.8%
Related for MS:CVE-2024-43477