Service Fabric

CVE-2023-36868: Azure Service Fabric on Windows Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.

1 year ago

Microsoft Security Response Center

Open in Source

#vulnerability #web #windows #microsoft #Service Fabric #Security Vulnerability

CVE-2023-36868: Azure Service Fabric on Windows Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.

1 year ago

Microsoft Security Response Center

Open in Source

#vulnerability #windows #Service Fabric #Security Vulnerability

CVE-2023-23383: Service Fabric Explorer Spoofing Vulnerability

**According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?** The vulnerability is in the web client, but the malicious scripts executed in the victim’s browser translate into actions executed in the (remote) cluster.

1 year ago

Microsoft Security Response Center

Open in Source

#vulnerability #web #microsoft #Service Fabric #Security Vulnerability

CVE-2022-35829: Service Fabric Explorer Spoofing Vulnerability

**According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability?** An attacker needs to have CreateComposeDeployment permission to exploit this vulnerability. Please refer to the **Security/ClientAccess** section of Customize Service Fabric cluster settings for more information on the permission.

2 years ago

Microsoft Security Response Center

Open in Source

#vulnerability #web #Service Fabric #Security Vulnerability

Tag

#Service Fabric