3 matches found
CVE-2024-26193
CVE-2024-26193 is an Azure Migrate Remote Code Execution vulnerability. Public materials confirm an RCE in Azure Migrate components, notably the Azure Migrate Auto Update on remote Windows hosts prior to version 6.1.294.1003 (per Nessus plugin). The CVSSv3.1 base score is 6.4 (AV:A, AC:H, PR:H, U...
CVE-2024-30053
CVE-2024-30053 refers to a Cross-Site Scripting vulnerability in Microsoft Azure Migrate. The Azure Migrate product is affected; Microsoft has released updates to fix the issue (MSRC advisory page cited). Public risk details indicate a Medium severity (CVSS v3.1 base score around 6.5; B: 6.5) wit...
CVE-2021-42306
CVE-2021-42306 describes an information-disclosure vulnerability in Azure AD where private key data uploaded as part of a certificate in the keyCredential of an Application or Service Principal could be read by an entity with application read access in the tenant. The root cause is the handling o...