VDB

GCVE-110-NCSC-2024-366

GCVE-110-NCSC-2024-366
Advisory PublishedCVSS 8.2/10
Vulnetix · Advisory published September 10, 2024
Microsoft heeft kwetsbaarheden verholpen in diverse Azure-componenten.

Weaknesses (CWE)

CWE-20Improper Input ValidationCWE-284Improper Access ControlCWE-59Improper Link Resolution Before File Access ('Link Following')CWE-94Improper Control of Generation of Code ('Code Injection')

Risk Scores

CVSS 3.1
8.2/10
High · CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L/E:U/RL:O/RC:C

Affected Products

VendorProductVersionsPlatforms
microsoftazure_cyclecloud_8.6.0
microsoftazure_cyclecloud_8.0.0
microsoftazure_cyclecloud_8.1.1
microsoftazure_web_apps
microsoftazure_cyclecloud_8.2.1
microsoftazure_cyclecloud_8.1.0
microsoftazure_cyclecloud_8.3.0
microsoftazure_cyclecloud_8.4.0
microsoftazure_cyclecloud_8.5.0
microsoftazure_cyclecloud_8.0.1
microsoftazure_cyclecloud_8.2.2
microsoftazure_cyclecloud
microsoftazure_network_watcher_vm_extension
microsoftazure_cyclecloud_8.4.1
microsoftazure_cyclecloud_8.4.2
microsoftazure_cyclecloud_8.0.2
microsoftazure_stack_hub
microsoftazure_cyclecloud_8.2.0

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

73,685 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›