CVE-2020-17002
published 2020-12-10CVE-2020-17002: Azure SDK for C Security Feature Bypass Vulnerability
PriorityP353critical9.1CVSS 3.1
AVNACLPRNUINSUCHIHAN
EPSS
3.23%
86.7th percentile
Azure SDK for C Security Feature Bypass Vulnerability
Affected
37 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | azure-c-shared-utility | < publication | publication |
| microsoft | azure-c-shared-utility_release_lts_02_2020_ref02 | < publication | publication |
| microsoft | azure-c-shared-utility_release_lts_07_2020_ref02 | < publication | publication |
| microsoft | azure-uamqp-c | >= 1.0.0 < publication | publication |
| microsoft | azure-uamqp-c_release_lts_02_2020_ref02 | < publication | publication |
| microsoft | azure-uamqp-c_release_lts_07_2020_ref02 | < publication | publication |
| microsoft | azure-uhttp-c | < publication | publication |
| microsoft | azure-uhttp-c_release_lts_02_2020_ref02 | < publication | publication |
| microsoft | azure-uhttp-c_release_lts_07_2020_ref02 | < publication | publication |
| microsoft | azure-umqtt-c | < publication | publication |
| microsoft | azure-umqtt-c_release_lts_02_2020_ref02 | < publication | publication |
| microsoft | azure-umqtt-c_release_lts_07_2020_ref02 | < publication | publication |
| microsoft | azure-utpm-c | < publication | publication |
| microsoft | azure-utpm-c_release_lts_02_2020_ref02 | < publication | publication |
| microsoft | azure-utpm-c_release_lts_07_2020_ref02 | < publication | publication |
| microsoft | c_sdk_for_azure_iot | < publication | publication |
| microsoft | c_sdk_for_azure_iot | < lts_07_2020_ref02 | lts_07_2020_ref02 |
| microsoft | c_sdk_for_azure_iot_release_lts_02_2020_ref02 | < publication | publication |
| microsoft | c_sdk_for_azure_iot_release_lts_07_2020_ref02 | < publication | publication |
| msrc | azure-c-shared-utility | — | — |
| msrc | azure-c-shared-utility_release_lts_02_2020_ref02 | — | — |
| msrc | azure-c-shared-utility_release_lts_07_2020_ref02 | — | — |
| msrc | azure-uamqp-c | — | — |
| msrc | azure-uamqp-c_release_lts_02_2020_ref02 | — | — |
| msrc | azure-uamqp-c_release_lts_07_2020_ref02 | — | — |
CVSS provenance
nvdv3.19.1CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
nvdv2.09.4CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:N
vendor_msrc7.4HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2020-12-10
Published