Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
56 vulnerabilities found for Azure Sphere by Microsoft
VAR-202111-0473
Vulnerability from variot - Updated: 2023-12-28 22:09Azure Sphere Information Disclosure Vulnerability. This vulnerability is CVE-2021-41374 and CVE-2021-41375 Is a different vulnerability.Information may be disclosed. Microsoft Azure Sphere is a device of Microsoft Corporation in the United States that is used in cloud environments to provide security protection. No detailed vulnerability details are currently provided
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202111-0473",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "azure sphere",
"scope": "lt",
"trust": 1.0,
"vendor": "microsoft",
"version": "21.10"
},
{
"model": "azure sphere",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
"version": null
},
{
"model": "azure sphere",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-93384"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004119"
},
{
"db": "NVD",
"id": "CVE-2021-41376"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.10",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-41376"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Claudio Bozzato",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202111-820"
}
],
"trust": 0.6
},
"cve": "CVE-2021-41376",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 2.1,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2021-41376",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2021-93384",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "secure@microsoft.com",
"availabilityImpact": "NONE",
"baseScore": 2.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"exploitabilityScore": 0.8,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.4,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-41376",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-41376",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "secure@microsoft.com",
"id": "CVE-2021-41376",
"trust": 1.0,
"value": "LOW"
},
{
"author": "CNVD",
"id": "CNVD-2021-93384",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202111-820",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-93384"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004119"
},
{
"db": "NVD",
"id": "CVE-2021-41376"
},
{
"db": "NVD",
"id": "CVE-2021-41376"
},
{
"db": "CNNVD",
"id": "CNNVD-202111-820"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Azure Sphere Information Disclosure Vulnerability. This vulnerability is CVE-2021-41374 and CVE-2021-41375 Is a different vulnerability.Information may be disclosed. Microsoft Azure Sphere is a device of Microsoft Corporation in the United States that is used in cloud environments to provide security protection. No detailed vulnerability details are currently provided",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-41376"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004119"
},
{
"db": "CNVD",
"id": "CNVD-2021-93384"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-41376",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004119",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-93384",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021110912",
"trust": 0.6
},
{
"db": "TALOS",
"id": "TALOS-2021-1343",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202111-820",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-93384"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004119"
},
{
"db": "NVD",
"id": "CVE-2021-41376"
},
{
"db": "CNNVD",
"id": "CNNVD-202111-820"
}
]
},
"id": "VAR-202111-0473",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-93384"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-93384"
}
]
},
"last_update_date": "2023-12-28T22:09:19.941000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Azure\u00a0Sphere\u00a0Information\u00a0Disclosure\u00a0Vulnerability Security Update Guide",
"trust": 0.8,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2021-41376"
},
{
"title": "Patch for Microsoft Azure Sphere buffer overflow vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/302236"
},
{
"title": "Microsoft Azure Sphere Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=169557"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-93384"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004119"
},
{
"db": "CNNVD",
"id": "CNNVD-202111-820"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-004119"
},
{
"db": "NVD",
"id": "CVE-2021-41376"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2021-41376"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-41376"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20211110-ms.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2021/at210048.html"
},
{
"trust": 0.6,
"url": "https://msrc.microsoft.com/update-guide/vulnerability/cve-2021-41376"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021110912"
},
{
"trust": 0.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2021-1343"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-93384"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004119"
},
{
"db": "NVD",
"id": "CVE-2021-41376"
},
{
"db": "CNNVD",
"id": "CNNVD-202111-820"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-93384"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004119"
},
{
"db": "NVD",
"id": "CVE-2021-41376"
},
{
"db": "CNNVD",
"id": "CNNVD-202111-820"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-93384"
},
{
"date": "2021-11-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-004119"
},
{
"date": "2021-11-10T01:19:31.483000",
"db": "NVD",
"id": "CVE-2021-41376"
},
{
"date": "2021-11-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202111-820"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-93384"
},
{
"date": "2021-11-15T08:48:00",
"db": "JVNDB",
"id": "JVNDB-2021-004119"
},
{
"date": "2023-12-28T16:15:53.353000",
"db": "NVD",
"id": "CVE-2021-41376"
},
{
"date": "2021-11-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202111-820"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202111-820"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Azure\u00a0Sphere\u00a0 Vulnerability to disclose information in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-004119"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202111-820"
}
],
"trust": 0.6
}
}
VAR-202111-0789
Vulnerability from variot - Updated: 2023-12-28 22:09Azure Sphere Tampering Vulnerability. Microsoft Azure Sphere is a device of Microsoft Corporation in the United States that is used in cloud environments to provide security protection. The vulnerability stems from the network system or product not fully verifying the source or authenticity of the data. Attackers can use forged data to attack
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202111-0789",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "azure sphere",
"scope": "lt",
"trust": 1.6,
"vendor": "microsoft",
"version": "21.10"
},
{
"model": "azure sphere",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-94959"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004380"
},
{
"db": "NVD",
"id": "CVE-2021-42300"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.10",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-42300"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Claudio Bozzato with Cisco Talos",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202111-819"
}
],
"trust": 0.6
},
"cve": "CVE-2021-42300",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.6,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2021-42300",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2021-94959",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "secure@microsoft.com",
"availabilityImpact": "NONE",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.5,
"impactScore": 4.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.7,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-42300",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-42300",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "secure@microsoft.com",
"id": "CVE-2021-42300",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2021-94959",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202111-819",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-94959"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004380"
},
{
"db": "NVD",
"id": "CVE-2021-42300"
},
{
"db": "NVD",
"id": "CVE-2021-42300"
},
{
"db": "CNNVD",
"id": "CNNVD-202111-819"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Azure Sphere Tampering Vulnerability. Microsoft Azure Sphere is a device of Microsoft Corporation in the United States that is used in cloud environments to provide security protection. The vulnerability stems from the network system or product not fully verifying the source or authenticity of the data. Attackers can use forged data to attack",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-42300"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004380"
},
{
"db": "CNVD",
"id": "CNVD-2021-94959"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-42300",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004380",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2021-94959",
"trust": 0.6
},
{
"db": "TALOS",
"id": "TALOS-2021-1342",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021110912",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202111-819",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-94959"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004380"
},
{
"db": "NVD",
"id": "CVE-2021-42300"
},
{
"db": "CNNVD",
"id": "CNNVD-202111-819"
}
]
},
"id": "VAR-202111-0789",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-94959"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-94959"
}
]
},
"last_update_date": "2023-12-28T22:09:19.914000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Azure\u00a0Sphere\u00a0Tampering\u00a0Vulnerability Security Update Guide",
"trust": 0.8,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2021-42300"
},
{
"title": "Patch for Microsoft Azure Sphere data forgery issue vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/303286"
},
{
"title": "Microsoft Azure Sphere Repair measures for data forgery problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=169162"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-94959"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004380"
},
{
"db": "CNNVD",
"id": "CNNVD-202111-819"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "Lack of information (CWE-noinfo) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-004380"
},
{
"db": "NVD",
"id": "CVE-2021-42300"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-42300"
},
{
"trust": 1.6,
"url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2021-42300"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20211110-ms.html"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2021/at210048.html"
},
{
"trust": 0.6,
"url": "https://msrc.microsoft.com/update-guide/vulnerability/cve-2021-42300"
},
{
"trust": 0.6,
"url": "https://talosintelligence.com/vulnerability_reports/talos-2021-1342"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021110912"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-94959"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004380"
},
{
"db": "NVD",
"id": "CVE-2021-42300"
},
{
"db": "CNNVD",
"id": "CNNVD-202111-819"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-94959"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-004380"
},
{
"db": "NVD",
"id": "CVE-2021-42300"
},
{
"db": "CNNVD",
"id": "CNNVD-202111-819"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-94959"
},
{
"date": "2021-11-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-004380"
},
{
"date": "2021-11-10T01:19:47.720000",
"db": "NVD",
"id": "CVE-2021-42300"
},
{
"date": "2021-11-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202111-819"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-12-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-94959"
},
{
"date": "2021-11-19T05:05:00",
"db": "JVNDB",
"id": "JVNDB-2021-004380"
},
{
"date": "2023-12-28T16:15:58.273000",
"db": "NVD",
"id": "CVE-2021-42300"
},
{
"date": "2021-11-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202111-819"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202111-819"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Azure\u00a0Sphere\u00a0 Vulnerability to be tampered with",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-004380"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "data forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202111-819"
}
],
"trust": 0.6
}
}
CVE-2022-35821 (GCVE-0-2022-35821)
Vulnerability from nvd – Published: 2022-08-09 20:11 – Updated: 2025-01-02 19:34
VLAI
Title
Azure Sphere Information Disclosure Vulnerability
Summary
Azure Sphere Information Disclosure Vulnerability
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- Information Disclosure
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
20.00 , < 22.07
(custom)
|
Date Public
2022-08-09 07:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:44:22.105Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Azure Sphere Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35821"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-35821",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-17T16:04:46.243206Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-17T16:04:56.754Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "22.07",
"status": "affected",
"version": "20.00",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:*",
"versionEndExcluding": "22.07",
"versionStartIncluding": "20.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2022-08-09T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Information Disclosure Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-02T19:34:54.781Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Azure Sphere Information Disclosure Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35821"
}
],
"title": "Azure Sphere Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2022-35821",
"datePublished": "2022-08-09T20:11:50.000Z",
"dateReserved": "2022-07-13T00:00:00.000Z",
"dateUpdated": "2025-01-02T19:34:54.781Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42300 (GCVE-0-2021-42300)
Vulnerability from nvd – Published: 2021-11-10 00:47 – Updated: 2024-08-04 03:30
VLAI
Title
Azure Sphere Tampering Vulnerability
Summary
Azure Sphere Tampering Vulnerability
Severity
CWE
- Tampering
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
20.00 , < 22.07
(custom)
cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:* |
Date Public
2021-11-09 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:30:38.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42300"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "22.07",
"status": "affected",
"version": "20.00",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Tampering Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Tampering",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T14:47:42.681Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42300"
}
],
"title": "Azure Sphere Tampering Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-42300",
"datePublished": "2021-11-10T00:47:31.000Z",
"dateReserved": "2021-10-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:30:38.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41376 (GCVE-0-2021-41376)
Vulnerability from nvd – Published: 2021-11-10 00:46 – Updated: 2024-08-04 03:08
VLAI
Title
Azure Sphere Information Disclosure Vulnerability
Summary
Azure Sphere Information Disclosure Vulnerability
Severity
CWE
- Information Disclosure
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
20.00 , < 22.07
(custom)
cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:* |
Date Public
2021-11-09 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:08:32.438Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41376"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "22.07",
"status": "affected",
"version": "20.00",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Information Disclosure Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T14:47:56.756Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41376"
}
],
"title": "Azure Sphere Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-41376",
"datePublished": "2021-11-10T00:46:51.000Z",
"dateReserved": "2021-09-17T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:08:32.438Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41375 (GCVE-0-2021-41375)
Vulnerability from nvd – Published: 2021-11-10 00:46 – Updated: 2024-08-04 03:08
VLAI
Title
Azure Sphere Information Disclosure Vulnerability
Summary
Azure Sphere Information Disclosure Vulnerability
Severity
CWE
- Information Disclosure
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
20.00 , < 22.07
(custom)
cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:* |
Date Public
2021-11-09 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:08:32.210Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41375"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "22.07",
"status": "affected",
"version": "20.00",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Information Disclosure Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T14:47:56.224Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41375"
}
],
"title": "Azure Sphere Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-41375",
"datePublished": "2021-11-10T00:46:49.000Z",
"dateReserved": "2021-09-17T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:08:32.210Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41374 (GCVE-0-2021-41374)
Vulnerability from nvd – Published: 2021-11-10 00:46 – Updated: 2024-10-01 15:52
VLAI
Title
Azure Sphere Information Disclosure Vulnerability
Summary
Azure Sphere Information Disclosure Vulnerability
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- Information Disclosure
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
20.00 , < 22.07
(custom)
cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:* |
Date Public
2021-11-09 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:08:32.371Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41374"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-41374",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-26T18:51:16.422266Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T15:52:38.229Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "22.07",
"status": "affected",
"version": "20.00",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Information Disclosure Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T14:47:55.689Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41374"
}
],
"title": "Azure Sphere Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-41374",
"datePublished": "2021-11-10T00:46:48.000Z",
"dateReserved": "2021-09-17T00:00:00.000Z",
"dateUpdated": "2024-10-01T15:52:38.229Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36956 (GCVE-0-2021-36956)
Vulnerability from nvd – Published: 2021-09-15 11:23 – Updated: 2024-08-04 01:09
VLAI
Title
Azure Sphere Information Disclosure Vulnerability
Summary
Azure Sphere Information Disclosure Vulnerability
Severity
CWE
- Information Disclosure
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
20.00 , < 21.08
(custom)
cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:* |
Date Public
2021-09-14 07:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.447Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36956"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "21.08",
"status": "affected",
"version": "20.00",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Information Disclosure Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-28T19:37:24.844Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36956"
}
],
"title": "Azure Sphere Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-36956",
"datePublished": "2021-09-15T11:23:33.000Z",
"dateReserved": "2021-07-19T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:09:07.447Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-26430 (GCVE-0-2021-26430)
Vulnerability from nvd – Published: 2021-08-12 18:11 – Updated: 2024-08-03 20:26
VLAI
Title
Azure Sphere Denial of Service Vulnerability
Summary
Azure Sphere Denial of Service Vulnerability
Severity
CWE
- Denial of Service
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
20.00 , < 21.07
(custom)
cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:* |
Date Public
2021-08-10 07:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:26:25.232Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26430"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "21.07",
"status": "affected",
"version": "20.00",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-08-10T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Denial of Service Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-28T19:53:57.327Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26430"
}
],
"title": "Azure Sphere Denial of Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-26430",
"datePublished": "2021-08-12T18:11:40.000Z",
"dateReserved": "2021-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-03T20:26:25.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-26429 (GCVE-0-2021-26429)
Vulnerability from nvd – Published: 2021-08-12 18:11 – Updated: 2024-08-03 20:26
VLAI
Title
Azure Sphere Elevation of Privilege Vulnerability
Summary
Azure Sphere Elevation of Privilege Vulnerability
Severity
CWE
- Elevation of Privilege
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
20.00 , < 21.07
(custom)
cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:* |
Date Public
2021-08-10 07:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:26:25.436Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26429"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "21.07",
"status": "affected",
"version": "20.00",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-08-10T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Elevation of Privilege Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-28T19:53:56.816Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26429"
}
],
"title": "Azure Sphere Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-26429",
"datePublished": "2021-08-12T18:11:39.000Z",
"dateReserved": "2021-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-03T20:26:25.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-26428 (GCVE-0-2021-26428)
Vulnerability from nvd – Published: 2021-08-12 18:11 – Updated: 2024-08-03 20:26
VLAI
Title
Azure Sphere Information Disclosure Vulnerability
Summary
Azure Sphere Information Disclosure Vulnerability
Severity
CWE
- Information Disclosure
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
20.00 , < 21.07
(custom)
cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:* |
Date Public
2021-08-10 07:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:26:25.192Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26428"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "21.07",
"status": "affected",
"version": "20.00",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-08-10T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Information Disclosure Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-28T19:53:56.324Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26428"
}
],
"title": "Azure Sphere Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-26428",
"datePublished": "2021-08-12T18:11:37.000Z",
"dateReserved": "2021-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-03T20:26:25.192Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-28460 (GCVE-0-2021-28460)
Vulnerability from nvd – Published: 2021-04-13 19:33 – Updated: 2024-08-03 21:40
VLAI
Title
Azure Sphere Unsigned Code Execution Vulnerability
Summary
Azure Sphere Unsigned Code Execution Vulnerability
Severity
CWE
- Remote Code Execution
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
N/A
|
Date Public
2021-04-13 07:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:40:14.316Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28460"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"datePublic": "2021-04-13T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Unsigned Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T19:21:46.253Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28460"
}
],
"title": "Azure Sphere Unsigned Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-28460",
"datePublished": "2021-04-13T19:33:39.000Z",
"dateReserved": "2021-03-15T00:00:00.000Z",
"dateUpdated": "2024-08-03T21:40:14.316Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27074 (GCVE-0-2021-27074)
Vulnerability from nvd – Published: 2021-03-11 15:50 – Updated: 2024-08-03 20:40
VLAI
Title
Azure Sphere Unsigned Code Execution Vulnerability
Summary
Azure Sphere Unsigned Code Execution Vulnerability
Severity
CWE
- Remote Code Execution
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
| https://www.talosintelligence.com/vulnerability_r… | x_refsource_MISC |
| https://www.talosintelligence.com/vulnerability_r… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
N/A
|
Date Public
2021-03-09 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:40:47.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27074"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1247"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1249"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"datePublic": "2021-03-09T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Unsigned Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T20:08:48.954Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27074"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1247"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1249"
}
],
"title": "Azure Sphere Unsigned Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-27074",
"datePublished": "2021-03-11T15:50:40.000Z",
"dateReserved": "2021-02-10T00:00:00.000Z",
"dateUpdated": "2024-08-03T20:40:47.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27080 (GCVE-0-2021-27080)
Vulnerability from nvd – Published: 2021-03-11 15:47 – Updated: 2024-08-03 20:40
VLAI
Title
Azure Sphere Unsigned Code Execution Vulnerability
Summary
Azure Sphere Unsigned Code Execution Vulnerability
Severity
9.3 (Critical)
CWE
- Remote Code Execution
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
| https://www.talosintelligence.com/vulnerability_r… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
N/A
|
Date Public
2021-03-09 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:40:47.095Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27080"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1250"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"datePublic": "2021-03-09T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Unsigned Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T20:08:50.513Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27080"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1250"
}
],
"title": "Azure Sphere Unsigned Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-27080",
"datePublished": "2021-03-11T15:47:12.000Z",
"dateReserved": "2021-02-10T00:00:00.000Z",
"dateUpdated": "2024-08-03T20:40:47.095Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16994 (GCVE-0-2020-16994)
Vulnerability from nvd – Published: 2020-11-11 06:47 – Updated: 2024-10-01 15:56
VLAI
Title
Azure Sphere Unsigned Code Execution Vulnerability
Summary
Azure Sphere Unsigned Code Execution Vulnerability
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Remote Code Execution
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.talosintelligence.com/vulnerability_r… | x_refsource_MISC |
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
20.00 , < publication
(custom)
cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:* |
Date Public
2020-11-10 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:45:34.736Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1093"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16994"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-16994",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-27T17:04:10.878436Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T15:56:32.391Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "20.00",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-11-10T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Unsigned Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T15:51:40.169Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1093"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16994"
}
],
"title": "Azure Sphere Unsigned Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-16994",
"datePublished": "2020-11-11T06:47:57.000Z",
"dateReserved": "2020-08-04T00:00:00.000Z",
"dateUpdated": "2024-10-01T15:56:32.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16992 (GCVE-0-2020-16992)
Vulnerability from nvd – Published: 2020-11-11 06:47 – Updated: 2024-09-10 15:51
VLAI
Title
Azure Sphere Elevation of Privilege Vulnerability
Summary
Azure Sphere Elevation of Privilege Vulnerability
Severity
7.5 (High)
CWE
- Elevation of Privilege
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.talosintelligence.com/vulnerability_r… | x_refsource_MISC |
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
20.00 , < publication
(custom)
cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:* |
Date Public
2020-11-10 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:45:34.837Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1133"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16992"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "20.00",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-11-10T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Elevation of Privilege Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T15:51:39.691Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1133"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16992"
}
],
"title": "Azure Sphere Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-16992",
"datePublished": "2020-11-11T06:47:56.000Z",
"dateReserved": "2020-08-04T00:00:00.000Z",
"dateUpdated": "2024-09-10T15:51:39.691Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-35821 (GCVE-0-2022-35821)
Vulnerability from cvelistv5 – Published: 2022-08-09 20:11 – Updated: 2025-01-02 19:34
VLAI
Title
Azure Sphere Information Disclosure Vulnerability
Summary
Azure Sphere Information Disclosure Vulnerability
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- Information Disclosure
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
20.00 , < 22.07
(custom)
|
Date Public
2022-08-09 07:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:44:22.105Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Azure Sphere Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35821"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-35821",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-17T16:04:46.243206Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-17T16:04:56.754Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "22.07",
"status": "affected",
"version": "20.00",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:*",
"versionEndExcluding": "22.07",
"versionStartIncluding": "20.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2022-08-09T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Information Disclosure Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-02T19:34:54.781Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Azure Sphere Information Disclosure Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35821"
}
],
"title": "Azure Sphere Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2022-35821",
"datePublished": "2022-08-09T20:11:50.000Z",
"dateReserved": "2022-07-13T00:00:00.000Z",
"dateUpdated": "2025-01-02T19:34:54.781Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42300 (GCVE-0-2021-42300)
Vulnerability from cvelistv5 – Published: 2021-11-10 00:47 – Updated: 2024-08-04 03:30
VLAI
Title
Azure Sphere Tampering Vulnerability
Summary
Azure Sphere Tampering Vulnerability
Severity
CWE
- Tampering
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
20.00 , < 22.07
(custom)
cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:* |
Date Public
2021-11-09 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:30:38.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42300"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "22.07",
"status": "affected",
"version": "20.00",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Tampering Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Tampering",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T14:47:42.681Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42300"
}
],
"title": "Azure Sphere Tampering Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-42300",
"datePublished": "2021-11-10T00:47:31.000Z",
"dateReserved": "2021-10-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:30:38.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41376 (GCVE-0-2021-41376)
Vulnerability from cvelistv5 – Published: 2021-11-10 00:46 – Updated: 2024-08-04 03:08
VLAI
Title
Azure Sphere Information Disclosure Vulnerability
Summary
Azure Sphere Information Disclosure Vulnerability
Severity
CWE
- Information Disclosure
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
20.00 , < 22.07
(custom)
cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:* |
Date Public
2021-11-09 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:08:32.438Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41376"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "22.07",
"status": "affected",
"version": "20.00",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Information Disclosure Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T14:47:56.756Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41376"
}
],
"title": "Azure Sphere Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-41376",
"datePublished": "2021-11-10T00:46:51.000Z",
"dateReserved": "2021-09-17T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:08:32.438Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41375 (GCVE-0-2021-41375)
Vulnerability from cvelistv5 – Published: 2021-11-10 00:46 – Updated: 2024-08-04 03:08
VLAI
Title
Azure Sphere Information Disclosure Vulnerability
Summary
Azure Sphere Information Disclosure Vulnerability
Severity
CWE
- Information Disclosure
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
20.00 , < 22.07
(custom)
cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:* |
Date Public
2021-11-09 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:08:32.210Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41375"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "22.07",
"status": "affected",
"version": "20.00",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Information Disclosure Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T14:47:56.224Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41375"
}
],
"title": "Azure Sphere Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-41375",
"datePublished": "2021-11-10T00:46:49.000Z",
"dateReserved": "2021-09-17T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:08:32.210Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41374 (GCVE-0-2021-41374)
Vulnerability from cvelistv5 – Published: 2021-11-10 00:46 – Updated: 2024-10-01 15:52
VLAI
Title
Azure Sphere Information Disclosure Vulnerability
Summary
Azure Sphere Information Disclosure Vulnerability
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- Information Disclosure
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
20.00 , < 22.07
(custom)
cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:* |
Date Public
2021-11-09 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:08:32.371Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41374"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-41374",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-26T18:51:16.422266Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T15:52:38.229Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "22.07",
"status": "affected",
"version": "20.00",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Information Disclosure Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-29T14:47:55.689Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41374"
}
],
"title": "Azure Sphere Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-41374",
"datePublished": "2021-11-10T00:46:48.000Z",
"dateReserved": "2021-09-17T00:00:00.000Z",
"dateUpdated": "2024-10-01T15:52:38.229Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36956 (GCVE-0-2021-36956)
Vulnerability from cvelistv5 – Published: 2021-09-15 11:23 – Updated: 2024-08-04 01:09
VLAI
Title
Azure Sphere Information Disclosure Vulnerability
Summary
Azure Sphere Information Disclosure Vulnerability
Severity
CWE
- Information Disclosure
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
20.00 , < 21.08
(custom)
cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:* |
Date Public
2021-09-14 07:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.447Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36956"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "21.08",
"status": "affected",
"version": "20.00",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-14T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Information Disclosure Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-28T19:37:24.844Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36956"
}
],
"title": "Azure Sphere Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-36956",
"datePublished": "2021-09-15T11:23:33.000Z",
"dateReserved": "2021-07-19T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:09:07.447Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-26430 (GCVE-0-2021-26430)
Vulnerability from cvelistv5 – Published: 2021-08-12 18:11 – Updated: 2024-08-03 20:26
VLAI
Title
Azure Sphere Denial of Service Vulnerability
Summary
Azure Sphere Denial of Service Vulnerability
Severity
CWE
- Denial of Service
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
20.00 , < 21.07
(custom)
cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:* |
Date Public
2021-08-10 07:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:26:25.232Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26430"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "21.07",
"status": "affected",
"version": "20.00",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-08-10T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Denial of Service Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-28T19:53:57.327Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26430"
}
],
"title": "Azure Sphere Denial of Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-26430",
"datePublished": "2021-08-12T18:11:40.000Z",
"dateReserved": "2021-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-03T20:26:25.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-26429 (GCVE-0-2021-26429)
Vulnerability from cvelistv5 – Published: 2021-08-12 18:11 – Updated: 2024-08-03 20:26
VLAI
Title
Azure Sphere Elevation of Privilege Vulnerability
Summary
Azure Sphere Elevation of Privilege Vulnerability
Severity
CWE
- Elevation of Privilege
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
20.00 , < 21.07
(custom)
cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:* |
Date Public
2021-08-10 07:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:26:25.436Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26429"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "21.07",
"status": "affected",
"version": "20.00",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-08-10T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Elevation of Privilege Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-28T19:53:56.816Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26429"
}
],
"title": "Azure Sphere Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-26429",
"datePublished": "2021-08-12T18:11:39.000Z",
"dateReserved": "2021-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-03T20:26:25.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-26428 (GCVE-0-2021-26428)
Vulnerability from cvelistv5 – Published: 2021-08-12 18:11 – Updated: 2024-08-03 20:26
VLAI
Title
Azure Sphere Information Disclosure Vulnerability
Summary
Azure Sphere Information Disclosure Vulnerability
Severity
CWE
- Information Disclosure
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
20.00 , < 21.07
(custom)
cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:* |
Date Public
2021-08-10 07:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:26:25.192Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26428"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "21.07",
"status": "affected",
"version": "20.00",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-08-10T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Information Disclosure Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-28T19:53:56.324Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26428"
}
],
"title": "Azure Sphere Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-26428",
"datePublished": "2021-08-12T18:11:37.000Z",
"dateReserved": "2021-01-29T00:00:00.000Z",
"dateUpdated": "2024-08-03T20:26:25.192Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-28460 (GCVE-0-2021-28460)
Vulnerability from cvelistv5 – Published: 2021-04-13 19:33 – Updated: 2024-08-03 21:40
VLAI
Title
Azure Sphere Unsigned Code Execution Vulnerability
Summary
Azure Sphere Unsigned Code Execution Vulnerability
Severity
CWE
- Remote Code Execution
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
N/A
|
Date Public
2021-04-13 07:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:40:14.316Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28460"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"datePublic": "2021-04-13T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Unsigned Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T19:21:46.253Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28460"
}
],
"title": "Azure Sphere Unsigned Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-28460",
"datePublished": "2021-04-13T19:33:39.000Z",
"dateReserved": "2021-03-15T00:00:00.000Z",
"dateUpdated": "2024-08-03T21:40:14.316Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27074 (GCVE-0-2021-27074)
Vulnerability from cvelistv5 – Published: 2021-03-11 15:50 – Updated: 2024-08-03 20:40
VLAI
Title
Azure Sphere Unsigned Code Execution Vulnerability
Summary
Azure Sphere Unsigned Code Execution Vulnerability
Severity
CWE
- Remote Code Execution
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
| https://www.talosintelligence.com/vulnerability_r… | x_refsource_MISC |
| https://www.talosintelligence.com/vulnerability_r… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
N/A
|
Date Public
2021-03-09 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:40:47.240Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27074"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1247"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1249"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"datePublic": "2021-03-09T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Unsigned Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T20:08:48.954Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27074"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1247"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1249"
}
],
"title": "Azure Sphere Unsigned Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-27074",
"datePublished": "2021-03-11T15:50:40.000Z",
"dateReserved": "2021-02-10T00:00:00.000Z",
"dateUpdated": "2024-08-03T20:40:47.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27080 (GCVE-0-2021-27080)
Vulnerability from cvelistv5 – Published: 2021-03-11 15:47 – Updated: 2024-08-03 20:40
VLAI
Title
Azure Sphere Unsigned Code Execution Vulnerability
Summary
Azure Sphere Unsigned Code Execution Vulnerability
Severity
9.3 (Critical)
CWE
- Remote Code Execution
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
| https://www.talosintelligence.com/vulnerability_r… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
N/A
|
Date Public
2021-03-09 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:40:47.095Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27080"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1250"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"datePublic": "2021-03-09T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Unsigned Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T20:08:50.513Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27080"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1250"
}
],
"title": "Azure Sphere Unsigned Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-27080",
"datePublished": "2021-03-11T15:47:12.000Z",
"dateReserved": "2021-02-10T00:00:00.000Z",
"dateUpdated": "2024-08-03T20:40:47.095Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16994 (GCVE-0-2020-16994)
Vulnerability from cvelistv5 – Published: 2020-11-11 06:47 – Updated: 2024-10-01 15:56
VLAI
Title
Azure Sphere Unsigned Code Execution Vulnerability
Summary
Azure Sphere Unsigned Code Execution Vulnerability
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Remote Code Execution
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.talosintelligence.com/vulnerability_r… | x_refsource_MISC |
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
20.00 , < publication
(custom)
cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:* |
Date Public
2020-11-10 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:45:34.736Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1093"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16994"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-16994",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-27T17:04:10.878436Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T15:56:32.391Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "20.00",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-11-10T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Unsigned Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T15:51:40.169Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1093"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16994"
}
],
"title": "Azure Sphere Unsigned Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-16994",
"datePublished": "2020-11-11T06:47:57.000Z",
"dateReserved": "2020-08-04T00:00:00.000Z",
"dateUpdated": "2024-10-01T15:56:32.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16992 (GCVE-0-2020-16992)
Vulnerability from cvelistv5 – Published: 2020-11-11 06:47 – Updated: 2024-09-10 15:51
VLAI
Title
Azure Sphere Elevation of Privilege Vulnerability
Summary
Azure Sphere Elevation of Privilege Vulnerability
Severity
7.5 (High)
CWE
- Elevation of Privilege
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.talosintelligence.com/vulnerability_r… | x_refsource_MISC |
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Sphere |
Affected:
20.00 , < publication
(custom)
cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:* |
Date Public
2020-11-10 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:45:34.837Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1133"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16992"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:azure_sphere:*:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure Sphere",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "20.00",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-11-10T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure Sphere Elevation of Privilege Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T15:51:39.691Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1133"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16992"
}
],
"title": "Azure Sphere Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-16992",
"datePublished": "2020-11-11T06:47:56.000Z",
"dateReserved": "2020-08-04T00:00:00.000Z",
"dateUpdated": "2024-09-10T15:51:39.691Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}