CVE-2024-49052
CVSS 3.1 Score 8.2 of 10 (high)
Details
Summary
CVE-2024-49052 is a newly disclosed vulnerability in Microsoft Azure PolicyWatch. This issue stems from a missing authentication mechanism for a critical function, which enables an unauthorized attacker to manipulate the system and elevate privileges over a network. An attacker could exploit this flaw to gain unauthorized access to sensitive resources and potentially escalate their privileges within an organization's Azure environment. The vulnerability poses a significant risk and requires immediate attention and remediation from Microsoft and affected organizations.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.