CVE-2024-37325

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-37325
Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerability

8.1 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37325 Vendor Advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37325 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:microsoft:azure_data_science_virtual_machine:*:*:*:*:*:linux:*:*
History

21 Nov 2024, 09:23

Type Values Removed Values Added
References () https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37325 - Vendor Advisory () https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37325 - Vendor Advisory

28 Aug 2024, 21:29

Type Values Removed Values Added
CWE NVD-CWE-noinfo
CPE cpe:2.3:a:microsoft:azure_data_science_virtual_machine:*:*:*:*:*:linux:*:*
References () https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37325 - () https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37325 - Vendor Advisory
First Time Microsoft
Microsoft azure Data Science Virtual Machine

13 Jun 2024, 18:36

Type Values Removed Values Added
Summary
  • (es) Vulnerabilidad de elevación de privilegios de Azure Science Virtual Machine (DSVM)

11 Jun 2024, 17:16

Type Values Removed Values Added
New CVE
Information

Published : 2024-06-11 17:16

Updated : 2024-11-21 09:23

NVD link : CVE-2024-37325

Mitre link : CVE-2024-37325

CVE.ORG link : CVE-2024-37325

JSON object : View

Products Affected

microsoft

  • azure_data_science_virtual_machine
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

NVD-CWE-noinfo