VDB
CISA-2024-21397
CISA-2024-21397
PUBLISHED
CVSS 5.3 MEDIUM
Reported by microsoft · Published February 13, 2024
Microsoft Azure File Sync Elevation of Privilege Vulnerability
Risk Scores
CVSS 3.1
5.3
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L/E:P/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Azure File Sync | 16.0.0 |
| Microsoft | Azure File Sync | 15.0.0 |
| Microsoft | Azure File Sync | 14.0.0 |
| Microsoft | Azure File Sync | 17.0.0 |
| microsoft | azure_file_sync | 16.0.0, 15.0.0, 14.0.0 |
| Microsoft | Azure File Sync | 16.0.0, 15.0.0, 14.0.0 |
Timeline
- Feb 13, 2024 CVE Published
- May 3, 2025 CVE Updated
- Apr 26, 2026 Security Advisory
References
- Microsoft Azure File Sync Elevation of Privilege Vulnerability vendor-advisory