CVE-2024-21421

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Mar 12, 2024

Summary

CVE-2024-21421 is a new vulnerability affecting the Azure Software Development Kit (SDK). This issue allows an attacker to perform spoofing attacks by manipulating the response from the SDK, potentially leading to unintended actions or the disclosure of sensitive information. The vulnerability stems from an improper validation of user input within the SDK, enabling threat actors to craft malicious requests and deceive the system into executing unauthorized actions. This vulnerability could pose a significant risk to organizations using the Azure SDK, emphasizing the importance of promptly applying any available patches or updates.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share