CVE-2024-21424

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Apr 9, 2024

Updated: Apr 10, 2024

CWE ID 284

Summary

CVE-2024-21424 is an elevation of privilege vulnerability affecting Azure Compute Gallery. Attackers can exploit this flaw to gain higher levels of access to affected Azure environments, potentially leading to data theft or unauthorized system modifications. The vulnerability arises from a misconfiguration in the Azure Compute Gallery, allowing unauthenticated users to bypass authentication checks and execute malicious code with elevated privileges. Microsoft has released a patch to address this issue, and users are strongly encouraged to install it as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vSTXgg
https://www.cve.org/CVERecord?id=CVE-2024-21424
https://nvd.nist.gov/vuln/detail/CVE-2024-21424

Back to Vulnerability Database

CVE-2024-21424

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations