Improper Authorization in Azure Migrate - CVE-2024-26193
Published: April 10, 2024
Vulnerability identifier: #VU88420
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-26193
CWE-ID: CWE-285
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vendor: Microsoft
Affected software:
Azure Migrate
Azure Migrate
Detailed vulnerability description
The vulnerability allows a remote user to bypass authorization.
The vulnerability exists due to improper authorization checks in Azure Migrate. An administrator on the local network can execute arbitrary code on the target system.
How to mitigate CVE-2024-26193
Install updates from vendor's website.