4 matches found
CVE-2022-37968
CVE-2022-37968 affects Azure Arc‑enabled Kubernetes cluster Connect. An unauthenticated attacker could elevate privileges, potentially obtaining administrative control of the Kubernetes cluster; Azure Stack Edge devices are also affected via Arc. The CVSSv3.1 score is 10.0 (Network, Low/Zero inte...
CVE-2023-21703
CVE-2023-21703 affects Azure Data Box Gateway. The connected documents describe a Remote Code Execution vulnerability caused by insufficient access restrictions in Azure Data Box Gateway, enabling an attacker to execute arbitrary code remotely. The issue is tracked across multiple sources, with M...
CVE-2026-47643
CVE-2026-47643 affects Azure Stack Edge, where external control of a file name or path can let an unauthenticated attacker execute code over the network. The NVD/CVE records describe the impact as remote code execution with high severity (CVSS v3.1: 9.8, NETWORK attack vector, no user interaction...
CVE-2026-41098
Azure Stack Edge is affected by CVE-2026-41098 due to improper neutralization of input during web page generation, enabling cross-site scripting. The vulnerability is exploitable by an authorized attacker over the network to perform spoofing. The CVSS 3.1 metrics indicate a high-impact, network-e...