CVE-2024-43602 — Improper Authorization in Microsoft Azure Cyclecloud

Severity

9.9CRITICALNVD

EPSS

0.6%

top 30.78%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedNov 12

Description

Azure CycleCloud Remote Code Execution Vulnerability

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 3.1 | Impact: 6.0

▶CVEListV5microsoft/azure_cyclecloud8.6.3 — 8.6.5+2

CVEList

Azure CycleCloud Remote Code Execution Vulnerability↗2024-11-12

▶

GHSA

GHSA-f3v6-qmvg-fhwg: Azure CycleCloud Remote Code Execution Vulnerability↗2024-11-12

▶

Microsoft

Azure CycleCloud Remote Code Execution Vulnerability↗2024-11-12

▶