CVE-2024-21364
CVSS 3.1 Score 9.3 of 10 (high)
Details
Published Feb 13, 2024
Updated: May 29, 2024
CWE ID 284
Summary
CVE-2024-21364 is a newly disclosed elevation of privilege vulnerability affecting Microsoft Azure Site Recovery. This issue grants attackers with unauthenticated network access the ability to elevate their privileges, potentially leading to unauthorized data access or modification. Exploitation of this vulnerability could allow attackers to take control of virtual machines and other resources protected by Azure Site Recovery. Microsoft urges users to apply the available security patch as soon as possible to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share