Lucene search

Kaspersky LabKLA65131

HistoryMar 12, 2024 - 12:00 a.m.

KLA65131 Multiple vulnerabilities in Microsoft Azure

2024-03-1200:00:00

Kaspersky Lab

threats.kaspersky.com

microsoft azure

vulnerabilities

privileges

arbitrary code

exploits

sdk

open management infrastructure

sonic

sentinel

automation

kubernetes

update management

container monitoring

security center

data studio

log analytics agent

ace

cve-ids

microsoft official advisories

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.3%

JSON

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface, execute arbitrary code.

Below is a complete list of vulnerabilities:

An elevation of privilege vulnerability in Azure Data Studio can be exploited remotely to gain privileges.
A spoofing vulnerability in Azure SDK can be exploited remotely to spoof user interface.
An elevation of privilege vulnerability in Microsoft Azure Kubernetes Service Confidential Container can be exploited remotely to gain privileges.
A remote code execution vulnerability in Open Management Infrastructure (OMI) can be exploited remotely to execute arbitrary code.
An elevation of privilege vulnerability in Open Management Infrastructure (OMI) can be exploited remotely to gain privileges.
An elevation of privilege vulnerability in Software for Open Networking in the Cloud (SONiC) can be exploited remotely to gain privileges.

Original advisories

Exploitation

Public exploits exist for this vulnerability.

Related products

Microsoft-Azure

CVE list

CVE-2024-21334 critical

CVE-2024-21330 critical

CVE-2024-26203 high

CVE-2024-21421 critical

CVE-2024-21400 critical

CVE-2024-21418 critical

KB list

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.

Affected Products

Azure SDKOpen Management InfrastructureSoftware for Open Networking in the Cloud (SONiC) 201911Azure SentinelSoftware for Open Networking in the Cloud (SONiC) 202012Azure Automation Update ManagementContainer Monitoring SolutionAzure Kubernetes Service Confidential ContainersOperations Management Suite Agent for Linux (OMS)Azure AutomationAzure Security CenterSoftware for Open Networking in the Cloud (SONiC) 201811Azure Data StudioSoftware for Open Networking in the Cloud (SONiC) 202205Log Analytics Agent