CVE-2024-21364

CVSS 3.1 Score 9.3 of 10 (high)

Details

Published Feb 13, 2024
Updated: May 29, 2024
CWE ID 284

Summary

CVE-2024-21364 is a newly disclosed elevation of privilege vulnerability affecting Microsoft Azure Site Recovery. This issue grants attackers with unauthenticated network access the ability to elevate their privileges, potentially leading to unauthorized data access or modification. Exploitation of this vulnerability could allow attackers to take control of virtual machines and other resources protected by Azure Site Recovery. Microsoft urges users to apply the available security patch as soon as possible to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share