2 results (0.023 seconds)

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

Azure Service Fabric on Windows Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36868 •

CVSS: 7.0EPSS: 0%CPEs: 3EXPL: 0

Azure Service Fabric Container Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en el contenedor de Azure Service Fabric This vulnerability allows local attackers to disclose sensitive information on Microsoft Azure. An attacker must first obtain the ability to execute high-privileged code within a container on the target system in order to exploit this vulnerability. The specific flaw exists within the WAagent daemon. The issue results from insufficient verification of the origin of requests. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21531 • CWE-269: Improper Privilege Management CWE-284: Improper Access Control •