PT-2022-22966 · Microsoft · Azure Service Fabric Explorer

Lidor Ben Shitrit
Published: 2022-10-11
Updated: 2025-01-02
CVE: CVE-2022-35829
CVSS v3.1: 6.2 (Medium)
Vector: AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Azure Service Fabric Explorer versions 8.1.316 and earlier

Description
The issue allows an attacker to potentially gain administrator rights in a cluster. It affects Azure Service Fabric Explorer (SFX), the tool used to manage Azure Service Fabric clusters, which host cloud-based microservice applications. The problem is a privilege escalation vulnerability: an attacker who holds 'Create Compose Application' permissions in the SFX client can create a malicious application, exploit a cross-site scripting (XSS) vulnerability in the 'Application name' field, and deliver a payload. With this payload, the attacker can ultimately reset a cluster node and erase all custom settings, such as passwords and security configurations.

Recommendations
For Azure Service Fabric Explorer versions 8.1.316 and earlier, update to a version that includes Microsoft's fix for this issue. As a temporary workaround, restrict access to the SFX client for users with 'Create Compose Application' permissions to reduce the risk of exploitation, and avoid using the 'Application name' field in the SFX client until the issue is resolved.


Related Identifiers: CVE-2022-35829

Affected Products: Azure Service Fabric Explorer