Lucene search

Kaspersky LabKLA12591

HistoryJul 21, 2022 - 12:00 a.m.

KLA12591 OSI vulnerability in Microsoft Azure

2022-07-2100:00:00

Kaspersky Lab

threats.kaspersky.com

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.8%

JSON

An information disclosure vulnerability was found in Microsoft Azure. Malicious users can exploit this vulnerability to obtain sensitive information.

Original advisories

CVE-2022-35798

Related products

Microsoft-Azure

CVE list

CVE-2022-35798 warning

KB list

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

Affected Products

Azure Arc Jumpstart

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35798

statistics.securelist.com/

threats.kaspersky.com/en/product/Microsoft-Azure/

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.8%

JSON

Related for KLA12591