Lucene search
PRIOn knowledge basePRION:CVE-2022-39327HistoryOct 25, 2022 - 5:15 p.m.
Code injection
2022-10-2517:15:00
PRIOn knowledge base
www.prio-n.com
5
azure cli
code injection
vulnerability
windows
azure
powershell
upgrade
nvd
Azure CLI is the command-line interface for Microsoft Azure. In versions previous to 2.40.0, Azure CLI contains a vulnerability for potential code injection. Critical scenarios are where a hosting machine runs an Azure CLI command where parameter values have been provided by an external source. The vulnerability is only applicable when the Azure CLI command is run on a Windows machine and with any version of PowerShell and when the parameter value contains the & or | symbols. If any of these prerequisites are not met, this vulnerability is not applicable. Users should upgrade to version 2.40.0 or greater to receive a a mitigation for the vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| azure_command-line_interface | lt | 2.40.0 |
Related
cve
cve
CVE-2022-39327
2022-10-25 17:15:56
debiancve
debiancve
CVE-2022-39327
2022-10-25 17:15:56
osv
osv
CVE-2022-39327
2022-10-25 17:15:56
Improper Control of Generation of Code ('Code Injection') in Azure CLI
2022-10-25 19:56:51
BIT-azure-cli-2022-39327
2024-03-06 10:50:38
nvd
nvd
CVE-2022-39327
2022-10-25 17:15:56
mscve
mscve
github
github
Improper Control of Generation of Code ('Code Injection') in Azure CLI
2022-10-25 19:56:51
ubuntucve
ubuntucve
CVE-2022-39327
2022-10-25 00:00:00
veracode
veracode
Arbitrary Code Injection
2022-10-26 04:18:56
cvelist
cvelist
wallarmlab
wallarmlab
Azure CLI Code Injection CVE-2022-39327 hits 9.8/10 CVSS score
2022-10-29 07:51:10
kaspersky
kaspersky
KLA20046 Multiple vulnerabilities in Microsoft Azure
2022-11-08 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - November 2022
2022-11-08 20:02:57