Improper link resolution before file access ('link following') in Service Fabric allows an authorized attacker to elevate privileges locally.
oryginał ENCVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:HMicrosoft Azure Service Fabric
APPMicrosoft10.1< 10.1
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Powiązane podatności
CVE-2023-23383HIGH8.2ten sam produkt
Service Fabric Explorer Spoofing Vulnerability
CVE-2023-21531HIGH7.0ten sam produkt
Azure Service Fabric Container Elevation of Privilege Vulnerability
CVE-2024-43480MEDIUM6.6ten sam produkt
Azure Service Fabric for Linux Remote Code Execution Vulnerability
CVE-2023-36868MEDIUM6.5ten sam produkt
Azure Service Fabric on Windows Information Disclosure Vulnerability
CVE-2022-35829MEDIUM6.2ten sam produkt
Service Fabric Explorer Spoofing Vulnerability