Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2024-43602: Azure CycleCloud Remote Code Execution Vulnerability

How could an attacker exploit this vulnerability?

An attacker with basic user permissions can send specially crafted requests to modify the configuration of an Azure CycleCloud cluster to gain Root level permissions enabling them to execute commands on any Azure CycleCloud cluster in the current instance and in some scenarios, compromise administrator credentials.

Microsoft Security Response Center
#vulnerability#ios#rce#Azure CycleCloud#Security Vulnerability

Microsoft Security Response Center: Latest News

CVE-2024-49060: Azure Stack HCI Elevation of Privilege Vulnerability