Lucene search
K
MicrosoftAzure Service Fabric

7 matches found

CVE
CVE
added 2023/03/14 4:55 p.m.218 views

CVE-2023-23383

CVE-2023-23383 is a spoofing vulnerability affecting Azure Service Fabric Explorer (SFX). Public materials describe a remote, unauthenticated chain enabling spoofed UI and, in a detailed exploit write-up, remote code execution via an XSS chain in SFX 9.1.1436.9590 and earlier. Affected product/ve...

8.2CVSS5.5AI score0.11687EPSS
CVE
CVE
added 2023/01/10 12:0 a.m.125 views

CVE-2023-21531

CVE-2023-21531 is an elevation-of-privilege vulnerability affecting Azure Service Fabric Container . Reports indicate the issue enables a local attacker with low privileges to gain higher privileges within the affected Service Fabric Container, with a CVSS v3.1 base score of 7.0 (High) and impact...

7CVSS7AI score0.00708EPSS
CVE
CVE
added 2022/10/11 12:0 a.m.114 views

CVE-2022-35829

CVE-2022-35829 is a cross-site scripting (XSS) vulnerability in Microsoft Azure Service Fabric Explorer (SFX). The issue affects older SFX web client versions (SFXv1), allowing a remote attacker to inject scripts and potentially access confidential data. The advisory notes that the vulnerability ...

6.2CVSS5.5AI score0.19762EPSS
CVE
CVE
added 2023/07/11 5:3 p.m.99 views

CVE-2023-36868

Azure Service Fabric on Windows (Azure Service Fabric 9.0 and 9.1 for Windows) is affected by CVE-2023-36868, described as an information-disclosure vulnerability that could allow an attacker to obtain sensitive data. The CVSS base score is 6.5 (Medium) with adjacent attack vector, low complexity...

6.5CVSS6.5AI score0.00652EPSS
CVE
CVE
added 2021/03/11 3:50 p.m.82 views

CVE-2021-27075

CVE-2021-27075 is an Azure information-disclosure vulnerability affecting Azure Virtual Machines across multiple Azure services (e.g., Azure Spring Cloud, AKS, Container Instance, Service Fabric). The underlying root cause is described as an information disclosure flaw allowing access to sensitiv...

6.8CVSS6.3AI score0.01343EPSS
CVE
CVE
added 2024/10/08 5:35 p.m.79 views

CVE-2024-43480

CVE-2024-43480 affects Azure Service Fabric for Linux. Connected docs indicate a remote code execution vulnerability, with a possible root cause described as a buffer overflow in dynamic memory (per PT-2024-6744). CVSSv3 base score is 6.6 (MEDIUM) with network access, high attack complexity and h...

6.6CVSS7AI score0.01074EPSS
CVE
CVE
added 2025/07/08 4:57 p.m.47 views

CVE-2025-21195

CVE-2025-21195 refers to an elevation-of-privilege flaw in Azure Service Fabric Runtime caused by improper link resolution before file access (link following). The vulnerability enables a locally authenticated attacker to elevate privileges on affected Service Fabric components. Connected sources...

6CVSS6.5AI score0.00323EPSS