Lucene search

Veracode Vulnerability DatabaseVERACODE:47516

HistoryJun 13, 2024 - 10:20 a.m.

Denial Of Service (DoS)

2024-06-1310:20:52

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

denial of service

vulnerability

resource consumption

improper handling

requests

microsoft azure

storage datamovement

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.1%

JSON

microsoft.azure.storage.datamovement is vulnerable to a Denial of Service (DoS). The vulnerability is due to improper handling of requests, which can lead to excessive resource consumption.

CPENameOperatorVersion
microsoft.azure.storage.datamovementle2.0.4
microsoft.azure.storage.datamovementle2.0.4

CPE	Name	Operator	Version
	microsoft.azure.storage.datamovement	le	2.0.4
	microsoft.azure.storage.datamovement	le	2.0.4

References

github.com/advisories/GHSA-32f8-hmr3-7vxg

msrc.microsoft.com/update-guide/vulnerability/CVE-2024-35252

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.1%

JSON

Related for VERACODE:47516