Improper link resolution before file access ('link following') in Service Fabric allows an authorized attacker to elevate privileges locally.
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:HMicrosoft Azure Service Fabric
APPMicrosoft10.1< 10.1
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
Related vulnerabilities
CVE-2023-23383HIGH8.2ten sam produkt
Service Fabric Explorer Spoofing Vulnerability
CVE-2023-21531HIGH7.0ten sam produkt
Azure Service Fabric Container Elevation of Privilege Vulnerability
CVE-2024-43480MEDIUM6.6ten sam produkt
Azure Service Fabric for Linux Remote Code Execution Vulnerability
CVE-2023-36868MEDIUM6.5ten sam produkt
Azure Service Fabric on Windows Information Disclosure Vulnerability
CVE-2022-35829MEDIUM6.2ten sam produkt
Service Fabric Explorer Spoofing Vulnerability