CVE-2024-21424

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Apr 9, 2024
Updated: Jan 8, 2025
CWE ID 284

Summary

CVE-2024-21424 is an elevation of privilege vulnerability affecting Azure Compute Gallery. An attacker who successfully exploits this flaw can gain elevated privileges, allowing them to perform unauthorized actions within the affected environment. This could result in potential data theft or unauthorized system modifications. Azure users are advised to apply the available security update as soon as possible to mitigate this risk. The specific cause of this vulnerability is yet to be disclosed by Microsoft, but users are encouraged to follow best practices, including implementing strong access control policies and regularly updating their systems.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Azure Compute Gallery

Affected Vendors

  • Microsoft