8 matches found
CVE-2024-29993
CVE-2024-29993 affects Azure CycleCloud and is an Elevation of Privilege vulnerability. Microsoft/MSRC lists this vulnerability under Azure CycleCloud with a CVSSv3 base score of 8.8 (Network, Privileges Required: Low, User Interaction: None; impacts Confidentiality, Integrity, Availability). The...
CVE-2021-33762
Azure CycleCloud CVE-2021-33762 is a local, privilege-escalation vulnerability. An authenticated, local attacker could exploit this to elevate privileges on the affected CycleCloud component. Several connected sources corroborate the issue (e.g., Nessus plug‑in notes privilege escalation to obtai...
CVE-2022-41085
CVE-2022-41085 corresponds to an Elevation of Privilege vulnerability in Microsoft Azure CycleCloud. Connected documents indicate affected versions Azure CycleCloud 7 and 8, with root cause described as insufficient access controls in some sources. Remediation guidance across sources points to ap...
CVE-2021-36943
CVE-2021-36943 is an Azure CycleCloud elevation of privilege issue. Connected sources confirm a local escalation vulnerability in Azure CycleCloud, with root cause described as insufficient access control allowing a local attacker to elevate privileges. Public disclosures note the vulnerability a...
CVE-2024-38195
CVE-2024-38195 is an Azure CycleCloud remote code execution vulnerability identified by Microsoft. Connected sources confirm an access-control related flaw that could enable an attacker to execute arbitrary code on affected systems. Reported affected products/versions include Azure CycleCloud 8.0...
CVE-2024-38092
CVE-2024-38092 is an Elevation of Privilege vulnerability in Microsoft Azure CycleCloud. The Azure CycleCloud product is affected; CVE details indicate a privilege escalation path, with a CVSSv3 base score of 8.8 (High) and exploitability characteristics (network access, low attack complexity, lo...
CVE-2024-43602
CVE-2024-43602 (Azure CycleCloud Remote Code Execution Vulnerability) affects Azure CycleCloud; authenticated attackers can exploit a storage-credential disclosure to execute arbitrary code on a target node. The issue is tied to CycleCloud’s configuration handling and can lead to remote code exec...
CVE-2024-43469
CVE-2024-43469 affects Microsoft Azure CycleCloud. The vulnerability enables remote code execution due to a disclosure of storage credentials, allowing an authenticated, remote attacker to bypass authentication and execute arbitrary commands with root privileges. CVSSv3.1 base score is 8.8 (HIGH)...