Risk | High |
Patch available | YES |
Number of vulnerabilities | 18 |
CVE-ID | CVE-2023-48795 CVE-2020-12912 CVE-2020-8694 CVE-2020-8695 CVE-2023-1667 CVE-2023-2283 CVE-2023-29406 CVE-2023-38472 CVE-2023-4408 CVE-2023-50387 CVE-2023-50495 CVE-2023-50868 CVE-2023-5517 CVE-2023-5679 CVE-2023-6004 CVE-2023-6516 CVE-2023-6918 CVE-2024-0985 |
CWE-ID | CWE-326 CWE-200 CWE-284 CWE-204 CWE-20 CWE-287 CWE-644 CWE-617 CWE-400 CWE-78 CWE-252 CWE-269 |
Exploitation vector | Network |
Public exploit |
Public exploit code for vulnerability #10 is available. Public exploit code for vulnerability #12 is available. |
Vulnerable software |
Azure Stack Server applications / Other server solutions |
Vendor | Microsoft |
Security Bulletin
This security bulletin contains information about 18 vulnerabilities.
EUVDB-ID: #VU84537
Risk: Low
CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-48795
CWE-ID:
CWE-326 - Inadequate Encryption Strength
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists due to incorrect implementation of the SSH Binary Packet Protocol (BPP), which mishandles the handshake phase and the use of sequence numbers. A remote attacker can perform MitM attack and delete the SSH2_MSG_EXT_INFO message sent before authentication starts, allowing the attacker to disable a subset of the keystroke timing obfuscation features introduced in OpenSSH 9.5.
The vulnerability was dubbed "Terrapin attack" and it affects both client and server implementations.
Install update from vendor's website.
Vulnerable software versionsAzure Stack: before 10.2402
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU48373
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-12912
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application in the Running Average Power Limit (RAPL) interface. A local user can gain unauthorized access to sensitive information on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAzure Stack: before 10.2402
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU48371
Risk: Low
CVSSv3.1: 4.9 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-8694
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions in the Linux kernel driver. A local user can bypass implemented security restrictions and gain unauthorized access to sensitive information on the system.
Affected products:
Product Collection |
Vertical Segment |
CPUID |
8th Generation Intel® Core™ Processor Family |
Mobile |
806E9 |
10th Generation Intel® Core™ Processor Family |
Mobile |
806EC |
8th Generation Intel® Core™ Processor Family |
Mobile |
906EA |
9th Generation Intel® Core™ Processor Family |
Mobile |
906EC |
8th Generation Intel® Core™ Processor Family |
Desktop |
906EA |
9th Generation Intel® Core™ Processor Family |
Desktop |
906EC |
Intel® Xeon® Processor E Family |
Server Workstation AMT Server |
906EA |
8th Generation Intel® Core™ Processor Family |
Mobile |
806EA |
8th Generation Intel® Core™ Processor Family Intel® Pentium® Gold Processor Series Intel® Celeron® Processor G Series |
Desktop |
906EB |
Intel® Xeon® Processor E Family |
Server Workstation AMT Server |
906EA |
8th Generation Intel® Core™ Processor Family |
Desktop |
906EA |
9th Generation Intel® Core™ Processor Family |
Desktop |
906ED |
9th Generation Intel® Core™ Processor Family |
Desktop |
906ED |
10th Generation Intel® Core™ Processor Family |
Mobile |
A0660 |
10th Generation Intel® Core™ Processor Family |
Mobile |
A0661 |
10th Generation Intel® Core™ Processor Family |
Mobile |
806EC |
10th Generation Intel® Core™ Processor Family |
Desktop |
A0653 |
10th Generation Intel® Core™ Processor Family |
Mobile |
A0655 |
10th Generation Intel® Core™ Processor Family |
Mobile |
A0652 |
Intel® Pentium® Processor Silver Series Intel® Celeron® Processor J Series Intel® Celeron® Processor N Series |
Desktop Mobile Embedded |
706A1 |
Intel® Pentium® Processor Silver Series Intel® Celeron® Processor J Series Intel® Celeron® Processor N Series |
Desktop Mobile Embedded |
706A8 |
10th Generation Intel® Core™ Processor Family |
Mobile |
706E5 |
8th Generation Intel® Core™ Processor Family |
Mobile |
906E9 |
7th Generation Intel® Core™ Processor Family |
Mobile Embedded |
906E9 |
8th Generation Intel® Core™ Processor Family |
Mobile |
806EA |
7th Generation Intel® Core™ Processor Family |
Desktop Embedded |
906E9 |
7th Generation Intel® Core™ Processor Family |
Mobile |
806E9 |
7th Generation Intel® Core™ Processor Family |
Mobile |
806E9 |
Intel® Core™ X-series Processors |
Desktop |
906E9 |
Intel® Xeon® Processor E3 v6 Family |
Server Workstation AMT Server |
906E9 |
7th Generation Intel® Core™ Processor Family |
Mobile |
806E9 |
6th Generation Intel® Core™ Processor Family |
Mobile |
506E3 |
6th Generation Intel® Core™ Processor Family |
Desktop Embedded |
506E3 |
6th Generation Intel® Core™ Processors |
Mobile |
406E3 |
6th Generation Intel® Core™ Processor Family |
Mobile |
406E3 |
Intel® Xeon® Processor E3 v5 Family |
Server Workstation AMT Server |
506E3 |
6th Generation Intel® Core™ Processor Family |
Mobile |
406E3 |
8th Generation Intel® Core™ Processors |
Mobile |
806EB |
8th Generation Intel® Core™ Processors |
Mobile |
806EC |
Install update from vendor's website.
Vulnerable software versionsAzure Stack: before 10.2402
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU48372
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-8695
CWE-ID:
CWE-204 - Observable Response Discrepancy
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to observable discrepancy in the Running Average Power Limit (RAPL) Interface. A local administrator can gain access to sensitive information on the target system.
Affected products:
Product Collection |
Vertical Segment |
CPUID |
8th Generation Intel® Core™ Processor Family |
Mobile |
806E9 |
10th Generation Intel® Core™ Processor Family |
Mobile |
806EC |
8th Generation Intel® Core™ Processor Family |
Mobile |
906EA |
9th Generation Intel® Core™ Processor Family |
Mobile |
906EC |
8th Generation Intel® Core™ Processor Family |
Desktop |
906EA |
9th Generation Intel® Core™ Processor Family |
Desktop |
906EC |
Intel® Xeon® Processor E Family |
Server Workstation AMT Server |
906EA |
8th Generation Intel® Core™ Processor Family |
Mobile |
806EA |
8th Generation Intel® Core™ Processor Family Intel® Pentium® Gold Processor Series Intel® Celeron® Processor G Series |
Desktop |
906EB |
Intel® Xeon® Processor E Family |
Server Workstation AMT Server |
906EA |
8th Generation Intel® Core™ Processor Family |
Desktop |
906EA |
9th Generation Intel® Core™ Processor Family |
Desktop |
906ED |
9th Generation Intel® Core™ Processor Family |
Desktop |
906ED |
10th Generation Intel® Core™ Processor Family |
Mobile |
A0660 |
10th Generation Intel® Core™ Processor Family |
Mobile |
A0661 |
10th Generation Intel® Core™ Processor Family |
Mobile |
806EC |
10th Generation Intel® Core™ Processor Family |
Desktop |
A0653 |
10th Generation Intel® Core™ Processor Family |
Mobile |
A0655 |
10th Generation Intel® Core™ Processor Family |
Mobile |
A0652 |
Intel® Pentium® Processor Silver Series Intel® Celeron® Processor J Series Intel® Celeron® Processor N Series |
Desktop Mobile Embedded |
706A1 |
Intel® Pentium® Processor Silver Series Intel® Celeron® Processor J Series Intel® Celeron® Processor N Series |
Desktop Mobile Embedded |
706A8 |
10th Generation Intel® Core™ Processor Family |
Mobile |
706E5 |
8th Generation Intel® Core™ Processor Family |
Mobile |
906E9 |
7th Generation Intel® Core™ Processor Family |
Mobile Embedded |
906E9 |
8th Generation Intel® Core™ Processor Family |
Mobile |
806EA |
7th Generation Intel® Core™ Processor Family |
Desktop Embedded |
906E9 |
7th Generation Intel® Core™ Processor Family |
Mobile |
806E9 |
7th Generation Intel® Core™ Processor Family |
Mobile |
806E9 |
Intel® Core™ X-series Processors |
Desktop |
906E9 |
Intel® Xeon® Processor E3 v6 Family |
Server Workstation AMT Server |
906E9 |
7th Generation Intel® Core™ Processor Family |
Mobile |
806E9 |
6th Generation Intel® Core™ Processor Family |
Mobile |
506E3 |
6th Generation Intel® Core™ Processor Family |
Desktop Embedded |
506E3 |
6th Generation Intel® Core™ Processors |
Mobile |
406E3 |
6th Generation Intel® Core™ Processor Family |
Mobile |
406E3 |
Intel® Xeon® Processor E3 v5 Family |
Server Workstation AMT Server |
506E3 |
6th Generation Intel® Core™ Processor Family |
Mobile |
406E3 |
8th Generation Intel® Core™ Processors |
Mobile |
806EB |
8th Generation Intel® Core™ Processors |
Mobile |
806EC |
Install update from vendor's website.
Vulnerable software versionsAzure Stack: before 10.2402
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75741
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-1667
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to multiple errors in kex implementation, related to kex guessing algorithm. A remote attacker can bypass implemented security restrictions.
Install update from vendor's website.
Vulnerable software versionsAzure Stack: before 10.2402
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU75740
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-2283
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error within the pki_verify_data_signature() function in pki_crypto.c. The pki_key_check_hash_compatible() function can return SSH_OK value if memory allocation error happens later in the function. The A remote attacker can bypass authentication process and gain unauthorized access to the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsAzure Stack: before 10.2402
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU78327
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-29406
CWE-ID:
CWE-644 - Improper Neutralization of HTTP Headers for Scripting Syntax
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to improper input validation in HTTP/1 client when handling HTTP Host header. A remote non-authenticated attacker can send a specially crafted HTTP request with a maliciously crafted Host header and inject additional headers or entire requests.
Successful exploitation of the vulnerability may allow an attacker to perform cross-site scripting, cache poisoning or session hijacking attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsAzure Stack: before 10.2402
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU83303
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-38472
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a reachable assertion within the avahi_rdata_parse() function. A local user can pass specially crafted data to the application and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsAzure Stack: before 10.2402
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU86383
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-4408
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources when parsing DNS messages. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsAzure Stack: before 10.2402
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU86377
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2023-50387
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation when processing DNSSEC related records. A remote attacker can trigger resource exhaustion by forcing the DNS server to query a specially crafted DNSSEC zone and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsAzure Stack: before 10.2402
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU84723
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-50495
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the _nc_wrap_entry() function. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsAzure Stack: before 10.2402
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU86378
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2023-50868
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation when processing DNSSEC related records. A remote attacker can trigger resource exhaustion by forcing the DNS server to query a specially crafted DNSSEC zone and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsAzure Stack: before 10.2402
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU86382
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-5517
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a reachable assertion when querying RFC 1918 reverse zones. A remote attacker can send a specially crafted DNS query and perform a denial of service attack.
Install update from vendor's website.
Vulnerable software versionsAzure Stack: before 10.2402
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU86381
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-5679
CWE-ID:
CWE-617 - Reachable Assertion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a reachable assertion caused by a bad interaction between DNS64 and serve-stale. A remote attacker can query a DNS64-enabled resolver for domain names triggering serve-stale.
MitigationInstall update from vendor's website.
Vulnerable software versionsAzure Stack: before 10.2402
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU84538
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-6004
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in OpenSSH client. If an invalid user or hostname that contained shell metacharacters was passed to ssh(1), and a ProxyCommand, LocalCommand directive or "match exec" predicate referenced the user or hostname via %u, %h or similar expansion token, then an attacker who could supply arbitrary user/hostnames to ssh(1) could potentially perform command injection depending on what quoting was present in the user-supplied ssh_config(5) directive.
Install update from vendor's website.
Vulnerable software versionsAzure Stack: before 10.2402
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU86379
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-6516
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources when processing specific recursive patterns. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack against the DNS resolver.
MitigationInstall update from vendor's website.
Vulnerable software versionsAzure Stack: before 10.2402
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU84540
Risk: Low
CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-6918
CWE-ID:
CWE-252 - Unchecked Return Value
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to libssh does not check for returned values of message digest (MD) operations in low memory conditions. A remote attacker can terminate the connection or force the library to use weak keys.
Install update from vendor's website.
Vulnerable software versionsAzure Stack: before 10.2402
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU86275
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-0985
CWE-ID:
CWE-269 - Improper Privilege Management
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges within the database.
The vulnerability exists due to late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY. A remote user who is an object creator can execute arbitrary SQL functions as the command issuer.
MitigationInstall update from vendor's website.
Vulnerable software versionsAzure Stack: before 10.2402
CPE2.3 External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.