Main Vulnerability Database Vulnerabilities #VU88420

Improper Authorization in Azure Migrate - CVE-2024-26193

Published: April 10, 2024

Vulnerability identifier: #VU88420

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2024-26193

CWE-ID: CWE-285

Exploitation vector: Adjecent network

Exploit availability: No public exploit available

Vulnerable software:
Azure Migrate

Software vendor:
Microsoft

Description

The vulnerability allows a remote user to bypass authorization.

The vulnerability exists due to improper authorization checks in Azure Migrate. An administrator on the local network can execute arbitrary code on the target system.

Remediation

Install updates from vendor's website.

External links

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26193

Improper Authorization in Azure Migrate - CVE-2024-26193

Description

Remediation

External links

Please verify you're human