Lucene search

Kaspersky LabKLA62433

HistoryDec 13, 2023 - 12:00 a.m.

KLA62433 SUI vulnerability in Microsoft Azure

2023-12-1300:00:00

Kaspersky Lab

threats.kaspersky.com

microsoft azure

spoofing vulnerability

install updates

malicious users

user interface spoofing

cve-2023-21751

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

20.2%

JSON

A spoofing vulnerability was found in Microsoft Azure. Malicious users can exploit this vulnerability to spoof user interface.

Original advisories

CVE-2023-21751

Related products

Microsoft-Azure

CVE list

CVE-2023-21751 warning

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.

Affected Products

Azure DevOps Server 2022.1

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21751

statistics.securelist.com/

threats.kaspersky.com/en/product/Microsoft-Azure/

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

20.2%

JSON

Related for KLA62433