CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 0CVE-2024-43480 – Azure Service Fabric for Linux Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-43480
Azure Service Fabric for Linux Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43480 • CWE-122: Heap-based Buffer Overflow •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-36868 – Azure Service Fabric on Windows Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-36868
Azure Service Fabric on Windows Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36868 •
CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 0CVE-2023-23383 – Service Fabric Explorer Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2023-23383
Service Fabric Explorer Spoofing Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23383 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-21531 – Azure Service Fabric Container Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-21531
Azure Service Fabric Container Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en el contenedor de Azure Service Fabric This vulnerability allows local attackers to disclose sensitive information on Microsoft Azure. An attacker must first obtain the ability to execute high-privileged code within a container on the target system in order to exploit this vulnerability. The specific flaw exists within the WAagent daemon. The issue results from insufficient verification of the origin of requests. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21531 • CWE-269: Improper Privilege Management CWE-284: Improper Access Control •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2022-35829 – Service Fabric Explorer Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2022-35829
Service Fabric Explorer Spoofing Vulnerability Una Vulnerabilidad de Suplantación de Service Fabric Explorer • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35829 •