PT-2023-1421 · Microsoft · Azure App Service

Denis Faiustov

Publicado

2023-02-14

Atualizado

2024-05-29

CVE-2023-21777

CVSS v3.1

8.7

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L

Name of the Vulnerable Software and Affected Versions Azure App Service on Azure Stack Hub (affected versions not specified)

Description The issue is related to an elevation of privilege vulnerability in Azure App Service on Azure Stack Hub. It is associated with access control errors. Exploitation of the vulnerability could allow a remote attacker to elevate their privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Code Injection

Improper Privilege Management

Improper Access Control

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-94CWE-269CWE-284

Identificadores relacionados

BDU:2023-00815

CVE-2023-21777

Produtos afetados

Azure App Service

PT-2023-1421 · Microsoft · Azure App Service

CVE-2023-21777

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5