Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
msrcMsrcMSRC:28790B8A1E0E003BFD6B8221E862F13A
HistoryOct 19, 2022 - 1:01 p.m.

Awareness and guidance related to potential Service Fabric Explorer (SFX) v1 web client risk

2022-10-1913:01:00
msrc-blog.microsoft.com
13

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

JSON

Summary Microsoft was recently made aware of a Cross-Site Scripting (XSS) vulnerability (CVE-2022-35829), that under limited circumstances, affects older versions of Service Fabric Explorer (SFX). The current default SFX web client (SFXv2) is not vulnerable to this attack. However, customers can manually switch from the default web client (SFXv2) to an older vulnerable SFX web โ€ฆ

Awareness and guidance related to potential Service Fabric Explorer (SFX) v1 web client risk Read More ยป

Related

prion 1
msrc 2
checkpoint_advisories 1
nessus 1
mscve 1
cve 1
thn 2
kaspersky 1
rapid7blog 1
prion
prion
Spoofing
2022-10-11 19:15:00
msrc
msrc
Awareness and guidance related to potential Service Fabric Explorer (SFX) v1 web client risk
2022-10-19 07:00:00
Awareness and guidance related to potential Service Fabric Explorer (SFX) v1 web client risk
2022-10-19 07:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Azure Service Fabric Explorer Cross Site Scripting (CVE-2022-35829)
2022-10-27 00:00:00
nessus
nessus
Azure Service Fabric Explorer Spoofing (Oct 2022)
2022-10-26 00:00:00
mscve
mscve
Service Fabric Explorer Spoofing Vulnerability
2022-10-11 07:00:00
cve
cve
CVE-2022-35829
2022-10-11 19:15:00
thn
thn
Researchers Detail Azure SFX Flaw That Could've Allowed Attackers to Gain Admin Access
2022-10-19 13:18:00
Researchers Detail Severe "Super FabriXss" Vulnerability in Microsoft Azure SFX
2023-03-30 17:02:00
kaspersky
kaspersky
KLA20004 Multiple vulnerabilities in Microsoft Azure
2022-10-11 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - October 2022
2022-10-11 18:35:28

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

JSON
Related for MSRC:28790B8A1E0E003BFD6B8221E862F13A
prion1msrc2checkpoint_advisories1nessus1mscve1cve1thn2kaspersky1rapid7blog1