37 matches found
CVE-2022-24506
CVE-2022-24506 affects Microsoft Azure Site Recovery (VMware-to-Azure recovery) and is an Elevation of Privilege vulnerability described as obtaining increased entitlement. Microsoft’s security guidance (NCSC advisory) and Nessus plugin aggregation confirm vulnerability and list related CVEs addr...
CVE-2022-24517
CVE-2022-24517 affects Microsoft Azure Site Recovery (VMware-to-Azure recovery). The vulnerability enables remote code execution in the Azure Site Recovery component; CVSSv3.1: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H (base 7.2), indicating network access with low complexity and high impact if exploit...
CVE-2022-24518
CVE-2022-24518 is an Elevation of Privilege issue affecting Microsoft Azure Site Recovery (specifically the VMware-to-Azure recovery scenario). Public documents summarize it as an elevated-privilege vulnerability within Azure Site Recovery components, with remediation delivered through Microsoft ...
CVE-2022-24515
CVE-2022-24515 concerns an Elevation of Privilege in Microsoft Azure Site Recovery (VMware‑to‑Azure recovery). Connected sources confirm the vulnerability affects Azure Site Recovery and lists privilege escalation as the impact; Microsoft/NCSC references indicate fixes via updates, but the docume...
CVE-2022-24470
Azure Site Recovery (VMware-to-Azure) contains a Remote Code Execution vulnerability tracked as CVE-2022-24470. Public sources in the Connected set confirm it enables executing code remotely and, in at least one listing, is part of a cluster of CVEs Microsoft released fixes for March 2022. The NV...
CVE-2022-35802
CVE-2022-35802 is an Azure Site Recovery Elevation of Privilege vulnerability affecting Microsoft Azure Site Recovery components (including Open Management Infrastructure) with a CVSSv3.1 base score of 8.1 (HIGH). The vulnerability enables an attacker with low privileges and network access to ele...
CVE-2022-24467
CVE-2022-24467 corresponds to a remote code execution vulnerability in Microsoft Azure Site Recovery (VMware-to-Azure recovery). The Nessus plugin describes an RCE that can bypass authentication and allow an attacker to execute arbitrary commands on the remote host. Microsoft’s security guidance ...
CVE-2022-24520
CVE-2022-24520 is an Azure Site Recovery remote code execution vulnerability affecting the VMware-to-Azure recovery scenario. Public sources corroborate an RCE impact with network access and no user interaction, and Microsoft’s advisories/updates indicate fixes have been released (MS22-5011122) a...
CVE-2022-33676
CVE-2022-33676 affects Microsoft Azure Site Recovery. The Nessus plugin indicates a remote code execution vulnerability in Site Recovery that can execute arbitrary code on the remote host (CVSSv3.1 base 7.2). Remediation is to install the Microsoft updates; Tenable notes fix requires updating to ...
CVE-2022-26897
CVE-2022-26897 affects Microsoft Azure Site Recovery. The vulnerability is described as an information disclosure vulnerability in Azure Site Recovery, enabling exposure of potentially sensitive information. Connected sources corroborate this CVE as part of MSRC updates and broader Azure vulnerab...
CVE-2022-24468
CVE-2022-24468 is a remote code execution vulnerability in Microsoft Azure Site Recovery (specifically the VMware-to-Azure recovery scenario). The NVD/MSR entries indicate a network-accessible flaw with a base CVSSv3.1 score of 7.2 (HIGH) and an impact profile of high confidentiality, integrity, ...
CVE-2022-35808
CVE-2022-35808 is an Elevation of Privilege in Microsoft Azure Site Recovery (VMware to Azure component) that can enable an attacker to obtain increased rights on a vulnerable host. The connected Nessus entry confirms this CVE among a set of Azure Site Recovery vulnerabilities and notes that affe...
CVE-2024-21364
CVE-2024-21364 corresponds to a Microsoft Azure Site Recovery Elevation of Privilege vulnerability. Connected sources confirm the issue affects the Azure Site Recovery Configuration Server (Classic VMware/Physical to Azure scenario) and that remediation is available via updates from Microsoft. Sp...
CVE-2022-24469
CVE-2022-24469 is an Elevation of Privilege vulnerability in Microsoft Azure Site Recovery (VMware-to-Azure recovery). The ENISA/NCSC-affiliated sources confirm the affected component is Azure Site Recovery, with the impact described as obtaining elevated privileges. Notably, CVE-2022-24469 is de...
CVE-2022-35799
CVE-2022-35799 describes an Elevation of Privilege in Microsoft Azure Site Recovery (noted as a privilege escalation in the Azure Site Recovery component, including VMware-to-Azure scenarios). Public documentation in connected sources confirms the issue affects Azure Site Recovery and related com...
CVE-2022-26898
CVE-2022-26898 affects Microsoft Azure Site Recovery. The vulnerability enables Remote Code Execution in the Azure Site Recovery installation, stemming from input handling in the vulnerable component and allowing an attacker to execute arbitrary commands on the remote host. Root cause details ind...
CVE-2022-35812
CVE-2022-35812 is an Elevation of Privilege vulnerability affecting Microsoft Azure Site Recovery (Azure Site Recovery component). The linked data indicates a network-exploitable issue with low attack complexity, requiring high privileges and no user interaction, resulting in confidentiality impa...
CVE-2022-24519
CVE-2022-24519 affects Microsoft Azure Site Recovery (VMware-to-Azure scenario) and is an Elevation of Privilege vulnerability. Public-details in connected sources confirm the vulnerability and that Microsoft released updates to fix it (MS22-5011122; see NCSC advisory). Remediation guidance: appl...
CVE-2022-35824
CVE-2022-35824 is a remote code execution vulnerability affecting Microsoft Azure Site Recovery (including the VMware-to-Azure deployment path). The provided connected doc confirms a remote code execution risk in the Azure Site Recovery component and notes that Microsoft has released updates to f...
CVE-2022-24471
CVE-2022-24471 affects Microsoft Azure Site Recovery (VMware to Azure). It is described as a remote code execution vulnerability in Azure Site Recovery components, with a CVSSv3.1 base score of 7.2 (HIGH), NETWORK attack vector, LOW attack complexity, no user interaction, and required privileges ...
CVE-2022-35810
CVE-2022-35810 is an Elevation of Privilege in Microsoft Azure Site Recovery, specifically in the VMWare-to-Azure component. The Nessus-derived data indicates a remote attacker can exploit this to gain elevated privileges on the affected system. The vulnerability is associated with insufficient a...
CVE-2022-33678
CVE-2022-33678 is a remote code execution vulnerability affecting Microsoft Azure Site Recovery components, including the VMware-to-Azure deployment and related Azure Storage Library entries. The connected documents confirm a network-exploitable issue that could allow an attacker to run arbitrary...
CVE-2022-26896
CVE-2022-26896 concerns an information-disclosure vulnerability in Microsoft Azure Site Recovery installations. Public details in connected documents confirm: affected product is Azure Site Recovery (VMware-to-Azure recovery context cited by Nessus plugin), vulnerability type is information discl...
CVE-2022-35816
CVE-2022-35816 concerns Microsoft Azure Site Recovery, specifically the VMware-to-Azure workflow. The connected PT-2022-4214 entry attributes the issue to insufficient access controls, enabling privilege escalation. In the Nessus/NVD context, the vulnerability is categorized as an elevation of pr...
CVE-2022-35813
CVE-2022-35813 affects Microsoft Azure Site Recovery (ASR). It is described as an Elevation of Privilege vulnerability in ASR/VMware-to-Azure components. Impact details in the linked metrics indicate potential unauthorized privilege escalation with integrity and availability impact (I=High, A=Hig...
CVE-2022-35814
CVE-2022-35814 is an elevation-of-privilege vulnerability in Microsoft Azure Site Recovery. The NVD entry associates network-based access with high-privilege requirements and a high-impact profile (I/H, A/H) for lateral privilege elevation, with no user interaction. Connected sources reinforce th...
CVE-2022-35800
CVE-2022-35800 maps to a Microsoft Azure Site Recovery elevation-of-privilege issue. Connected PT-2022-4701 describes it as an insufficient access restriction in the Azure Site Recovery VMware-to-Azure component, which could enable a remote attacker to elevate privileges. Public documentation in ...
CVE-2022-35801
Technical details (affected components, root cause, exploit vector, and fixes) for CVE-2022-35801 are not provided in the supplied documents. Monitor Microsoft MSRC updates and vendor advisories for remediation specifics and confirmed impact.
CVE-2022-33677
CVE-2022-33677 is an Elevation of Privilege vulnerability affecting Microsoft Azure Site Recovery (notably the VMware to Azure component). Public materials describe the issue as an elevated-privilege flaw with high-severity impact and indicate that Microsoft released updates to fix it; one adviso...
CVE-2022-35815
CVE-2022-35815 is documented as an Elevation of Privilege vulnerability affecting Microsoft Azure Site Recovery. The connected sources corroborate ASR involvement and classify the impact as privilege escalation with high impact to integrity and availability, and list a CVSS v3.1 base score of 6.5...
CVE-2022-35811
CVE-2022-35811 corresponds to an Elevation of Privilege vulnerability in Microsoft Azure Site Recovery, specifically in the VMware-to-Azure component. The issue is described as insufficient access controls that could allow a remote attacker to gain elevated privileges. Public sources in the conne...
CVE-2022-35809
CVE-2022-35809 is an Elevation of Privilege vulnerability in Microsoft Azure Site Recovery, associated with the VMware‑to‑Azure component. The linked materials describe privilege escalation by exploiting access control weaknesses to gain elevated rights within the affected service. Public exploit...
CVE-2022-35817
CVE-2022-35817 is described as an Elevation of Privilege vulnerability affecting Microsoft Azure Site Recovery. Connected sources (NVD/NCSC/CNNVD and Nessus/Tenable) indicate it concerns Azure Site Recovery with privilege-escalation potential (obtaining increased rights) and note Microsoft update...
CVE-2022-35818
Public technical details are not provided in the supplied documents for CVE-2022-35818. Monitor vendor advisories for fixes and disclosure updates.
CVE-2022-35819
CVE-2022-35819 is an Elevation of Privilege vulnerability impacting Microsoft Azure Site Recovery (notably the VMware-to-Azure component). The issue enables a user with high privileges to elevate rights within the affected system. The advisories indicate updates exist to fix the vulnerability; ap...
CVE-2022-30181
CVE-2022-30181 is an Azure Site Recovery elevation-of-privilege vulnerability affecting Azure Site Recovery components (including VMware-to-Azure workflows) and related Azure Storage libraries per public advisories. The issue enables an attacker to obtain elevated privileges on the vulnerable sys...
CVE-2022-35807
CVE-2022-35807 affects Microsoft Azure Site Recovery with Elevation of Privilege. The CVSS v3.1 base shows MEDIUM severity (6.5), attack vector Network, no user interaction, but privileges required are HIGH and impact includes HIGH integrity and availability. Affected product component is Azure S...