CVE-2024-38194

An authenticated attacker can exploit an improper authorization vulnerability in Azure Web Apps to elevate privileges over a network.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:microsoft:azure_web_apps:-:*:*:*:*:*:*:*

History

17 Sep 2024, 17:02

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 8.4
v2 : unknown
v3 : 9.9
CWE NVD-CWE-noinfo
Summary
  • (es) Un atacante autenticado puede aprovechar una vulnerabilidad de autorización indebida en Azure Web Apps para elevar privilegios en una red.
First Time Microsoft
Microsoft azure Web Apps
CPE cpe:2.3:a:microsoft:azure_web_apps:-:*:*:*:*:*:*:*
References () https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38194 - () https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38194 - Patch, Vendor Advisory

10 Sep 2024, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-10 17:15

Updated : 2024-09-17 17:02


NVD link : CVE-2024-38194

Mitre link : CVE-2024-38194

CVE.ORG link : CVE-2024-38194


JSON object : View

Products Affected

microsoft

  • azure_web_apps
CWE
NVD-CWE-noinfo CWE-20

Improper Input Validation