CVE-2024-21638

Azure IPAM solution Elevation of Privilege Vulnerability

Severity Score

9.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Azure IPAM (IP Address Management) is a lightweight solution developed on top of the Azure platform designed to help Azure customers manage their IP Address space easily and effectively. By design there is no write access to customers' Azure environments as the Service Principal used is only assigned the Reader role at the root Management Group level. Until recently, the solution lacked the validation of the passed in authentication token which may result in attacker impersonating any privileged user to access data stored within the IPAM instance and subsequently from Azure, causing an elevation of privilege. This vulnerability has been patched in version 3.0.0.

Azure IPAM (administración de direcciones IP) es una solución liviana desarrollada sobre la plataforma Azure diseñada para ayudar a los clientes de Azure a administrar su espacio de direcciones IP de manera fácil y efectiva. Por diseño, no hay acceso de escritura a los entornos de Azure de los clientes, ya que a la entidad de servicio utilizada solo se le asigna la función de lector en el nivel del grupo de administración raíz. Hasta hace poco, la solución carecía de la validación del token de autenticación pasado, lo que puede provocar que un atacante se haga pasar por cualquier usuario privilegiado para acceder a los datos almacenados en la instancia de IPAM y posteriormente desde Azure, lo que provoca una elevación de privilegios. Esta vulnerabilidad ha sido parcheada en la versión 3.0.0.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2023-12-29 CVE Reserved
2024-01-10 CVE Published
2024-08-01 CVE Updated
2025-02-11 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-269: Improper Privilege Management
CWE-287: Improper Authentication

CAPEC

References (3)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC
https://github.com/Azure/ipam/commit/64ef2d07edf16ffa50f29c7e0e25d32d974b367f	2024-01-19
https://github.com/Azure/ipam/pull/218	2024-01-19

URL	Date	SRC
https://github.com/Azure/ipam/security/advisories/GHSA-m8mp-jq4c-g8j6	2024-01-19

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Microsoft Search vendor "Microsoft"		Azure Ipam Search vendor "Microsoft" for product "Azure Ipam"				< 3.0.0 Search vendor "Microsoft" for product "Azure Ipam" and version " < 3.0.0"		-		Affected