MEDIUM✓ PATCH🇬🇧 English

CVE-2025-21195

CVSS 6.0v3.1pub. 2025-07-08upd. 2025-07-22

Improper link resolution before file access ('link following') in Service Fabric allows an authorized attacker to elevate privileges locally.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H
  • Microsoft Azure Service Fabric

    APP
    Microsoft
    10.1< 10.1
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2023-23383HIGH8.2ten sam produkt

Service Fabric Explorer Spoofing Vulnerability

CVE-2023-21531HIGH7.0ten sam produkt

Azure Service Fabric Container Elevation of Privilege Vulnerability

CVE-2024-43480MEDIUM6.6ten sam produkt

Azure Service Fabric for Linux Remote Code Execution Vulnerability

CVE-2023-36868MEDIUM6.5ten sam produkt

Azure Service Fabric on Windows Information Disclosure Vulnerability

CVE-2022-35829MEDIUM6.2ten sam produkt

Service Fabric Explorer Spoofing Vulnerability

CVE-2025-21195 — MEDIUM 6.0 | CVEbaza.pl