Lucene search
HistoryAug 23, 2024 - 2:15 a.m.
CVE-2024-43477
improper access control
decentralized identity services
unathenticated attacker
disable verifiable id's
another tenant
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
17.8%
Improper access control in Decentralized Identity Services resulted in a vulnerability that allows an unauthenticated attacker to disable Verifiable ID’s on another tenant.
Related
vulnrichment
vulnrichment
CVE-2024-43477 Microsoft Entra ID Elevation of Privilege Vulnerability
2024-08-23 01:14:09
mscve
mscve
Microsoft Entra ID Elevation of Privilege Vulnerability
2024-08-22 07:00:00
kaspersky
kaspersky
KLA71828 PE vulnerability in Microsoft Azure
2024-08-22 00:00:00
cvelist
cvelist
CVE-2024-43477 Microsoft Entra ID Elevation of Privilege Vulnerability
2024-08-23 01:14:09
cve
cve
CVE-2024-43477
2024-08-23 02:15:07
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
17.8%
Related for NVD:CVE-2024-43477