PT-2024-27899 · Microsoft · Azure Web Apps

Shimi Gersner

·

Published

2024-09-10

·

Updated

2024-09-17

·

CVE-2024-38194

CVSS v3.1

9.9

Critical

VectorAV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Azure Web Apps (affected versions not specified)
Description An authenticated attacker can exploit an improper authorization issue in Azure Web Apps to elevate privileges over a network.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2024-38194

Affected Products

Azure Web Apps