CVE-2024-49052

CVSS 3.1 Score 8.2 of 10 (high)

Details

Published Nov 26, 2024
CWE ID 306

Summary

CVE-2024-49052 is a newly disclosed vulnerability in Microsoft Azure PolicyWatch. This issue stems from a missing authentication mechanism for a critical function, which enables an unauthorized attacker to manipulate the system and elevate privileges over a network. An attacker could exploit this flaw to gain unauthorized access to sensitive resources and potentially escalate their privileges within an organization's Azure environment. The vulnerability poses a significant risk and requires immediate attention and remediation from Microsoft and affected organizations.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share