44 matches found
CVE-2022-35783
The connected documents confirm CVE-2022-35783 targets Microsoft Azure Site Recovery, specifically the VMware-to-Azure component. The root cause is insufficient access control, enabling a remote attacker to gain unauthorized access to protected information (information disclosure). Microsoft’s ad...
CVE-2022-35774
CVE-2022-35774 affects Microsoft Azure Site Recovery (VMware-to-Azure component). The root cause is insufficient access controls enabling elevation of privileges. Public details in PT-2022-4700 indicate affected versions are not specified and no fix version is listed; Microsoft updates are refere...
CVE-2022-33655
CVE-2022-33655 is described in connected sources as an Elevation of Privilege vulnerability affecting Microsoft Azure Site Recovery (notably VMware-to-Azure) with an impact category of Obtaining increased entitlements. The NCSC advisory lists the vulnerability under Azure Site Recovery with a bas...
CVE-2022-33667
CVE-2022-33667 is an Elevation of Privilege vulnerability affecting Microsoft Azure Site Recovery components (notably Azure Site Recovery VM/VMware to Azure and related libraries). The CVE is documented with a CVSS base score around 6.5 (3.1) and 5.5 (2.0) across versions, indicating privilege el...
CVE-2022-35784
CVE-2022-35784 is a Microsoft Azure Site Recovery elevation-of-privilege vulnerability affecting Azure Site Recovery (notably in VMware‑to‑Azure recovery). Connected sources describe it as a privilege-escalation issue (NCSC listing: Obtaining increased rights) with a CVSS 3.1 base score around 6....
CVE-2022-33652
CVE-2022-33652 is an Elevation of Privilege vulnerability in Microsoft Azure Site Recovery (notably the VMware to Azure deployment) that enables attackers to obtain increased entitlements on the vulnerable component. The connected Nessus/NASL entry confirms Azure Site Recovery as affected and ref...
CVE-2022-35772
CVE-2022-35772 is a remote code execution vulnerability in Microsoft Azure Site Recovery (ASR). Nessus notes indicate authentication bypass and the ability to execute arbitrary commands via a remote exploit. The CVSS v3.1 vector is NETWORK/LOW/High impact, with user interaction: none and privileg...
CVE-2022-33654
CVE-2022-33654 pertains to Microsoft Azure Site Recovery and is an Elevation of Privilege vulnerability. Public docs confirm affected product areas include Azure Site Recovery (and related components) with root cause described as privilege escalation enabling increased entitlements for an attacke...
CVE-2022-33650
CVE-2022-33650 is an elevation-of-privilege vulnerability affecting Microsoft Azure Site Recovery. The connected Nessus doc confirms multiple-related vulnerabilities in Azure Site Recovery and its components, reported when the Azure Site Recovery installation is missing security updates. The vuln...
CVE-2022-33661
CVE-2022-33661 is an Elevation of Privilege vulnerability in Microsoft Azure Site Recovery. Affected components include Azure Site Recovery (e.g., VMware-to-Azure scenarios) and related Azure Storage/Library integrations. The CVSSv3.1 base score is 6.5 (Network, Low attack complexity, Privileges ...
CVE-2022-33657
CVE-2022-33657 is an Elevation of Privilege vulnerability affecting Microsoft Azure Site Recovery components (notably the Site Recovery VM to Azure and related libraries). The NVD entry describes a Privilege Escalation with network attack vector and high impact on integrity/availability, and its ...
CVE-2022-33651
CVE-2022-33651 is documented as an Elevation of Privilege vulnerability in Microsoft Azure Site Recovery (Azure Site Recovery/DRaaS). Connected sources corroborate that multiple Site Recovery vulnerabilities were addressed by Microsoft updates; remediation involves installing the published update...
CVE-2022-33674
CVE-2022-33674 is an Elevation of Privilege vulnerability affecting Microsoft Azure Site Recovery . The vulnerability is described with a CVSS v3.1 base score of 8.8 (HIGH) and vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating an adjacent-network, network-exploitation-prone flaw that could ...
CVE-2022-33672
CVE-2022-33672 is an Elevation of Privilege in Microsoft Azure Site Recovery. Affected components include Azure Site Recovery VM/VMware-to-Azure flows and related libraries (e.g., Azure Storage Queues/Blobs client libs as listed). Root cause details are not fully disclosed in the provided documen...
CVE-2022-35786
CVE-2022-35786 is an Azure Site Recovery Elevation of Privilege vulnerability. The issue affects Microsoft Azure Site Recovery components, with the root cause described in allied sources as insufficient access restrictions in the emergency recovery tool for VM/ VMware to Azure, enabling remote at...
CVE-2022-35785
The Nessus entry ties CVE-2022-35785 to Azure Site Recovery (VMware‑to‑Azure) with a remote Elevation of Privilege affecting the Site Recovery component. It notes that security updates are missing on the remote host, and lists “Obtaining increased rights” as the impact. Mitigation is to install t...
CVE-2022-33663
CVE-2022-33663 is described as an Azure Site Recovery Elevation of Privilege vulnerability. The available connected documents indicate this affects Azure Site Recovery components and potentially related libraries, with the vulnerability categorized as privilege escalation (obtaining increased pri...
CVE-2022-33664
CVE-2022-33664 is an Azure Site Recovery elevation-of-privilege vulnerability affecting the Azure Site Recovery VMware-to-Azure component, as documented across multiple sources. Public disclosures confirm an elevation of privileges vector within the Site Recovery stack; Microsoft’s advisory and r...
CVE-2022-33671
CVE-2022-33671 is an Elevation of Privilege vulnerability in Microsoft Azure Site Recovery (Azure Site Recovery VM to Azure, components listed under affected products). The available documents confirm the issue and that fixes are delivered via Microsoft updates; to remediate, install the updates ...
CVE-2022-33658
CVE-2022-33658 is described across connected docs as an Azure Site Recovery elevation of privilege vulnerability. The Nessus/NVD/MSRC entries confirm a privilege escalation issue affecting Azure Site Recovery components (e.g., VMware-to-Azure deployment scenarios) with a CVSSv3.1 base score of 4....
CVE-2022-33660
CVE-2022-33660 is an Azure Site Recovery elevation-of-privilege vulnerability. The connected sources confirm this CVE affects Azure Site Recovery components (including VMware-to-Azure workflows) and is associated with multiple privilege-escalation entries in the platform’s vulnerability catalog. ...
CVE-2022-35791
CVE-2022-35791 is associated with Azure Site Recovery and affects the VMware-to-Azure component due to insufficient access controls that can enable elevation of privileges . The connected PT-2022-4207 entry summarizes the issue as privilege escalation in Azure Site Recovery and notes that vulnera...
CVE-2022-33642
CVE-2022-33642 is an Elevation of Privilege vulnerability affecting Microsoft Azure Site Recovery (notably the VMware-to-Azure deployment). The CVE entry indicates a privilege-escalation issue with a base CVSSv3.1 score of 4.9 (Network, Low complexity, High privileges required, no user interactio...
CVE-2022-33668
CVE-2022-33668 is an elevation-of-privilege vulnerability in Microsoft Azure Site Recovery (Azure Site Recovery/VMware-to-Azure component). NCSC advisory notes the vulnerability is fixed by updates; remediation requires installing updates (Azure Site Recovery version 9.49 is cited as the fix). CV...
CVE-2022-33673
CVE-2022-33673 is an Azure Site Recovery elevation of privilege vulnerability. Affected components include Azure Site Recovery (e.g., VMware to Azure), and the issue is mitigated by Microsoft security updates. Guidance indicates install updates (Azure Site Recovery) and that version 9.49 contains...
CVE-2022-35780
CVE-2022-35780 corresponds to an Elevation of Privilege vulnerability in Microsoft Azure Site Recovery (ASR). CVSS 3.1/3.1: Network, Low attack complexity, Privileges Required: High, User Interaction: None, Impact: Privilege escalation and high impact on integrity and availability. Connected sour...
CVE-2022-33643
CVE-2022-33643 is an Elevation of Privilege in Microsoft Azure Site Recovery. Connected sources indicate vulnerability details and impact as Privileges Obtained/HIGH with network-attack vector and LOW attack complexity, requiring HIGH privileges and no user interaction (CVSS3.1: AV:N/AC:L/PR:H/UI...
CVE-2022-33669
CVE-2022-33669 is an elevation-of-privilege vulnerability affecting Microsoft Azure Site Recovery components (e.g., VMware-to-Azure deployment and related Site Recovery libraries). The connected documents confirm a vulnerability in Azure Site Recovery with exploit implications requiring elevated ...
CVE-2022-33665
CVE-2022-33665 is an Elevation of Privilege vulnerability affecting Microsoft Azure Site Recovery (Azure Site Recovery VM ware to Azure). Public sources in connected documents describe the impact as elevation of privileges with potential for increased entitlements/privileges on the vulnerable com...
CVE-2022-33666
CVE-2022-33666 is an elevation-of-privilege vulnerability affecting Microsoft Azure Site Recovery. The available documents identify Azure Site Recovery components (notably VMware-to-Azure, and related storage/SDK libraries) as affected, with root cause described as privilege escalation, enabling ...
CVE-2022-33662
CVE-2022-33662 is a Microsoft Azure Site Recovery elevation-of-privilege vulnerability affecting Azure Site Recovery components. The NCSC advisory lists it under Azure Site Recovery with the impact set to Obtaining increased privileges and a CVSSv3.1 base score of 6.5 (attack vector Network, atta...
CVE-2022-35781
CVE-2022-35781 is listed across multiple feeds as an Elevation of Privilege vulnerability related to Microsoft Azure Site Recovery. Connected documents identify affected components (Azure Site Recovery/Open Management Infrastructure) and note privilege-escalation potential; a remediation path exi...
CVE-2022-35782
CVE-2022-35782: Azure Site Recovery Elevation of Privilege vulnerability. Affected: Microsoft Azure Site Recovery (Azure Site Recovery, Open Management Infrastructure, VMware-to-Azure components are listed among affected products). Impact: Elevation of privileges (I HIGH), with base CVSSv3.1 scor...
CVE-2022-33659
CVE-2022-33659 is an Elevation of Privilege vulnerability in Microsoft Azure Site Recovery. Connected sources confirm it as part of a broader set of Azure Site Recovery vulnerabilities fixed by Microsoft updates (e.g., July 2022 updates and MSRC advisories). Affected products include Azure Site R...
CVE-2022-33653
CVE-2022-33653 is an Elevation of Privilege vulnerability in Microsoft Azure Site Recovery. Connected sources confirm affected area includes Azure Site Recovery components (e.g., VMware-to-Azure workflows) and that fixed versions/updates are distributed via Microsoft security guidance. The vulner...
CVE-2022-33675
CVE-2022-33675 affects Microsoft Azure Site Recovery. A DLL hijacking/planting flaw due to incorrect permissions in the service executable directory (E:\Program Files (x86)\Microsoft Azure Site Recovery\home\svsystems\transport) allows a low-privilege user to load malicious DLLs when the service ...
CVE-2022-35789
CVE-2022-35789 is an Elevation of Privilege vulnerability affecting Microsoft Azure Site Recovery. The CVSS 3.1 vector indicates network access required, low attack complexity, with the attacker needing high privileges and no user interaction, and resulting in high impact to confidentiality?none,...
CVE-2022-33656
CVE-2022-33656 is an elevation-of-privilege vulnerability in Microsoft Azure Site Recovery (including its VMware-to-Azure components and related libraries). The Nimbus of data from connected sources shows affected products such as Azure Site Recovery and Azure Storage Library modules, with CVSS s...
CVE-2022-35775
CVE-2022-35775 concerns Microsoft Azure Site Recovery (specifically the VMware to Azure emergency recovery workflow). Connected sources confirm an Elevation of Privilege vulnerability in the Azure Site Recovery component, caused by insufficient access restrictions, enabling a remote attacker to e...
CVE-2022-35776
CVE-2022-35776 is a Denial of Service vulnerability in Microsoft Azure Site Recovery. The Nessus plugin notes the Azure Site Recovery installation on remote hosts is missing security updates and that CVE-2022-35776 contributes to a DoS impact. Affected product: Azure Site Recovery / Open Manageme...
CVE-2022-35790
CVE-2022-35790 is an Elevation of Privilege vulnerability affecting Microsoft Azure Site Recovery, with root cause described in a PT-Security writeup as insufficient access control in the VMware-to-Azure component that can allow attackers to escalate privileges. Nessus and NVD entries classify it...
CVE-2022-33641
CVE-2022-33641 is an Elevation of Privilege vulnerability in Microsoft Azure Site Recovery (VMware to Azure). Public docs indicate impact as elevated rights/privileges on affected components and list CVSS metrics: CVSSv3.1 base score 6.5 with Network access, Low attack complexity, Privileges Requ...
CVE-2022-35788
Mode C: CVE-2022-35788 is documented as an Elevation of Privilege vulnerability impacting Microsoft Azure Site Recovery (Azure Site Recovery/VMware-to-Azure deployment). Root cause details are not fully disclosed in the provided documents, but the Nessus plugin and NVD entry confirm a privilege e...
CVE-2022-35787
CVE-2022-35787 is an Elevation of Privilege vulnerability affecting Microsoft Azure Site Recovery (notably the VMware to Azure component). The NVD entry lists it with a MEDIUM base score (4.9) and a network-exposedability vector, indicating potential privilege escalation without user interaction,...