CVE-2024-38188

Published: Sep 10, 2024

Modified: Dec 31, 2024

PUBLISHED

CVSS v3.1

7.1

HIGH

Azure Network Watcher VM Agent Elevation of Privilege Vulnerability

Vendor	Product	Versions
Microsoft	Azure Network Watcher VM Extension	affected `1.4.3320.1 - < 1.4.3422.1`

CVSS v3.1 Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

High

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.