Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
16 vulnerabilities found for azure_cyclecloud by microsoft
CVE-2024-43602 (GCVE-0-2024-43602)
Vulnerability from cvelistv5 – Published: 2024-11-12 17:53 – Updated: 2025-07-08 15:41
VLAI
Title
Azure CycleCloud Remote Code Execution Vulnerability
Summary
Azure CycleCloud Remote Code Execution Vulnerability
Severity
9.9 (Critical)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-285 - Improper Authorization
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
17 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure CycleCloud |
Affected:
8.6.3 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud |
Affected:
8.6.4 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.0.0 |
Affected:
8.0.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.0.1 |
Affected:
8.0.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.6.0 |
Affected:
8.6.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud |
Affected:
8.6.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.0.2 |
Affected:
8.0.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.1.0 |
Affected:
8.1.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.2.0 |
Affected:
8.2.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.2.1 |
Affected:
8.2.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.2.2 |
Affected:
8.2.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.4.1 |
Affected:
8.4.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.1.1 |
Affected:
8.1.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.4.2 |
Affected:
8.4.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.4.0 |
Affected:
8.4.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.5.0 |
Affected:
8.5.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.3.0 |
Affected:
8.3.0 , < 8.6.5
(custom)
|
Date Public
2024-11-12 08:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43602",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T16:27:36.847807Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T16:27:50.851Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.6.3",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.6.4",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.6.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.6.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.6.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.1.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.4.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.1.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.4.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.4.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.5.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.5.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.3.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.3.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.6.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-11-12T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure CycleCloud Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285: Improper Authorization",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T15:41:00.654Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Azure CycleCloud Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43602"
}
],
"title": "Azure CycleCloud Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-43602",
"datePublished": "2024-11-12T17:53:37.113Z",
"dateReserved": "2024-08-14T01:08:33.550Z",
"dateUpdated": "2025-07-08T15:41:00.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43469 (GCVE-0-2024-43469)
Vulnerability from cvelistv5 – Published: 2024-09-10 16:54 – Updated: 2024-12-31 23:03
VLAI
Title
Azure CycleCloud Remote Code Execution Vulnerability
Summary
Azure CycleCloud Remote Code Execution Vulnerability
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
16 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure CycleCloud 8.2.0 |
Affected:
8.2.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.0.0 |
Affected:
8.0.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.6.0 |
Affected:
8.6.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.0.1 |
Affected:
8.0.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.0.2 |
Affected:
8.0.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.1.0 |
Affected:
8.1.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.1.1 |
Affected:
8.1.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.2.2 |
Affected:
8.2.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.2.1 |
Affected:
8.2.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.3.0 |
Affected:
8.3.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.4.0 |
Affected:
8.4.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.4.1 |
Affected:
8.4.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.4.2 |
Affected:
8.4.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.5.0 |
Affected:
8.5.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud |
Affected:
8.6.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud |
Affected:
8.6.3 , < 8.6.4
(custom)
|
Date Public
2024-09-10 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43469",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T18:32:10.339265Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T18:33:54.472Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.6.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.6.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.1.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.1.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.3.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.3.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.4.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.4.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.4.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.5.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.5.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.6.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.6.3",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-09-10T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure CycleCloud Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-31T23:03:20.890Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Azure CycleCloud Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43469"
}
],
"title": "Azure CycleCloud Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-43469",
"datePublished": "2024-09-10T16:54:15.755Z",
"dateReserved": "2024-08-14T01:08:33.517Z",
"dateUpdated": "2024-12-31T23:03:20.890Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38195 (GCVE-0-2024-38195)
Vulnerability from cvelistv5 – Published: 2024-08-13 17:30 – Updated: 2025-07-10 16:33
VLAI
Title
Azure CycleCloud Remote Code Execution Vulnerability
Summary
Azure CycleCloud Remote Code Execution Vulnerability
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper Access Control
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
15 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure CycleCloud 8.2.0 |
Affected:
8.2.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.0.0 |
Affected:
8.0.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.6.0 |
Affected:
8.6.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.0.1 |
Affected:
8.0.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.0.2 |
Affected:
8.0.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.1.0 |
Affected:
8.1.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.1.1 |
Affected:
8.1.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.2.2 |
Affected:
8.2.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.2.1 |
Affected:
8.2.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.3.0 |
Affected:
8.3.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.4.0 |
Affected:
8.4.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.4.1 |
Affected:
8.4.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.4.2 |
Affected:
8.4.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.5.0 |
Affected:
8.5.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud |
Affected:
8.6.0 , < 8.6.3
(custom)
|
Date Public
2024-08-13 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38195",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-15T15:01:54.358271Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T15:02:06.972Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.6.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.6.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.1.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.1.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.3.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.3.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.4.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.4.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.4.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.5.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.5.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.6.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-08-13T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure CycleCloud Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T16:33:45.281Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Azure CycleCloud Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38195"
}
],
"title": "Azure CycleCloud Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-38195",
"datePublished": "2024-08-13T17:30:32.378Z",
"dateReserved": "2024-06-11T22:36:08.217Z",
"dateUpdated": "2025-07-10T16:33:45.281Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38092 (GCVE-0-2024-38092)
Vulnerability from cvelistv5 – Published: 2024-07-09 17:03 – Updated: 2025-12-09 23:47
VLAI
Title
Azure CycleCloud Elevation of Privilege Vulnerability
Summary
Azure CycleCloud Elevation of Privilege Vulnerability
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-693 - Protection Mechanism Failure
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
26 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure CycleCloud 7.9.10 |
Affected:
7.9.10 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.2.0 |
Affected:
8.2.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.0.0 |
Affected:
8.0.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.6.0 |
Affected:
8.6.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 7.9.0 |
Affected:
7.9.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 7.9.3 |
Affected:
7.9.3 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 7.9.1 |
Affected:
7.9.1 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 7.9.9 |
Affected:
7.9.9 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 7.9.8 |
Affected:
7.8.9 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 7.9.11 |
Affected:
7.9.11 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.0.1 |
Affected:
8.0.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 7.9.2 |
Affected:
7.9.2 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 7.9.6 |
Affected:
7.9.6 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 7.9.4 |
Affected:
7.9.4 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 7.9.10 |
Affected:
7.9.5 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 7.9.7 |
Affected:
7.9.7 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.0.2 |
Affected:
8.0.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.1.1 |
Affected:
8.1.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.2.1 |
Affected:
8.2.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.1.0 |
Affected:
8.1.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.2.2 |
Affected:
8.2.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.3.0 |
Affected:
8.3.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.4.1 |
Affected:
8.4.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.4.0 |
Affected:
8.4.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.4.2 |
Affected:
8.4.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.5.0 |
Affected:
8.5.0 , < 8.6.2
(custom)
|
Date Public
2024-07-09 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38092",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-09T19:07:36.383317Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T19:07:51.586Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:04:25.259Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Azure CycleCloud Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38092"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.10",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "7.9.10",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.6.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.6.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "7.9.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.3",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "7.9.3",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "7.9.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.9",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "7.9.9",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.8",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "7.8.9",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.11",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "7.9.11",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "7.9.2",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.6",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "7.9.6",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.4",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "7.9.4",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.10",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "7.9.5",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.7",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "7.9.7",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.1.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.1.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.3.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.3.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.4.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.4.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.4.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.5.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.5.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "7.9.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "7.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "7.9.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "7.9.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "7.9.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "7.8.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "7.9.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "7.9.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "7.9.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "7.9.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "7.9.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "7.9.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-07-09T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure CycleCloud Elevation of Privilege Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "CWE-693: Protection Mechanism Failure",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T23:47:43.690Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Azure CycleCloud Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38092"
}
],
"title": "Azure CycleCloud Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-38092",
"datePublished": "2024-07-09T17:03:23.658Z",
"dateReserved": "2024-06-11T22:36:08.183Z",
"dateUpdated": "2025-12-09T23:47:43.690Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-29993 (GCVE-0-2024-29993)
Vulnerability from cvelistv5 – Published: 2024-04-09 17:01 – Updated: 2025-05-03 00:40
VLAI
Title
Azure CycleCloud Elevation of Privilege Vulnerability
Summary
Azure CycleCloud Elevation of Privilege Vulnerability
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper Access Control
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure CycleCloud 8.6.0 |
Affected:
8.6.0 , < 8.6.1
(custom)
|
Date Public
2024-04-09 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29993",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-10T19:41:59.058903Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:40.173Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:25:00.504Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Azure CycleCloud Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29993"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.6.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.1",
"status": "affected",
"version": "8.6.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.1",
"versionStartIncluding": "8.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-04-09T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure CycleCloud Elevation of Privilege Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-03T00:40:30.506Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Azure CycleCloud Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29993"
}
],
"title": "Azure CycleCloud Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-29993",
"datePublished": "2024-04-09T17:01:28.700Z",
"dateReserved": "2024-03-22T23:12:11.047Z",
"dateUpdated": "2025-05-03T00:40:30.506Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-41085 (GCVE-0-2022-41085)
Vulnerability from cvelistv5 – Published: 2022-11-09 00:00 – Updated: 2025-01-02 21:31
VLAI
Title
Azure CycleCloud Elevation of Privilege Vulnerability
Summary
Azure CycleCloud Elevation of Privilege Vulnerability
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Elevation of Privilege
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure CycleCloud 8.0.0 |
Affected:
8.0.0 , < 8.3.0
(custom)
|
|
| Microsoft | Azure CycleCloud 7 |
Affected:
7.0 , < 7.9.11
(custom)
|
Date Public
2022-11-08 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:35:49.510Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Azure CycleCloud Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41085"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-41085",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-10T16:59:19.552399Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-10T16:59:55.625Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.3.0",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "7.9.11",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.3.0",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.9.11",
"versionStartIncluding": "7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2022-11-08T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure CycleCloud Elevation of Privilege Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-02T21:31:21.815Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Azure CycleCloud Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41085"
}
],
"title": "Azure CycleCloud Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2022-41085",
"datePublished": "2022-11-09T00:00:00.000Z",
"dateReserved": "2022-09-19T00:00:00.000Z",
"dateUpdated": "2025-01-02T21:31:21.815Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36943 (GCVE-0-2021-36943)
Vulnerability from cvelistv5 – Published: 2021-08-12 18:12 – Updated: 2024-08-04 01:09
VLAI
Title
Azure CycleCloud Elevation of Privilege Vulnerability
Summary
Azure CycleCloud Elevation of Privilege Vulnerability
Severity
CWE
- Elevation of Privilege
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure CycleCloud 8.2.0 |
Affected:
8.0.0 , < 8.2.0
(custom)
cpe:2.3:a:microsoft:azure_cyclecloud:8.2.0:*:*:*:*:*:*:* |
Date Public
2021-08-10 07:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.320Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36943"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:azure_cyclecloud:8.2.0:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.2.0",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-08-10T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure CycleCloud Elevation of Privilege Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-28T19:54:12.291Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36943"
}
],
"title": "Azure CycleCloud Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-36943",
"datePublished": "2021-08-12T18:12:30.000Z",
"dateReserved": "2021-07-19T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:09:07.320Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-33762 (GCVE-0-2021-33762)
Vulnerability from cvelistv5 – Published: 2021-08-12 18:11 – Updated: 2024-08-03 23:58
VLAI
Title
Azure CycleCloud Elevation of Privilege Vulnerability
Summary
Azure CycleCloud Elevation of Privilege Vulnerability
Severity
CWE
- Elevation of Privilege
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure CycleCloud 7.9.10 |
Affected:
7.0.0 , < 7.9.19
(custom)
cpe:2.3:a:microsoft:azure_cyclecloud:7.9.10:*:*:*:*:*:*:* |
|
| Microsoft | Azure CycleCloud 8.2.0 |
Affected:
8.0.0 , < 8.2.0
(custom)
cpe:2.3:a:microsoft:azure_cyclecloud:8.2.0:*:*:*:*:*:*:* |
Date Public
2021-08-10 07:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:58:22.977Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33762"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:azure_cyclecloud:7.9.10:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.10",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "7.9.19",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:azure_cyclecloud:8.2.0:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.2.0",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-08-10T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure CycleCloud Elevation of Privilege Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-28T19:53:49.487Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33762"
}
],
"title": "Azure CycleCloud Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-33762",
"datePublished": "2021-08-12T18:11:47.000Z",
"dateReserved": "2021-05-28T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:58:22.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43602 (GCVE-0-2024-43602)
Vulnerability from nvd – Published: 2024-11-12 17:53 – Updated: 2025-07-08 15:41
VLAI
Title
Azure CycleCloud Remote Code Execution Vulnerability
Summary
Azure CycleCloud Remote Code Execution Vulnerability
Severity
9.9 (Critical)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-285 - Improper Authorization
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
17 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure CycleCloud |
Affected:
8.6.3 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud |
Affected:
8.6.4 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.0.0 |
Affected:
8.0.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.0.1 |
Affected:
8.0.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.6.0 |
Affected:
8.6.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud |
Affected:
8.6.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.0.2 |
Affected:
8.0.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.1.0 |
Affected:
8.1.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.2.0 |
Affected:
8.2.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.2.1 |
Affected:
8.2.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.2.2 |
Affected:
8.2.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.4.1 |
Affected:
8.4.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.1.1 |
Affected:
8.1.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.4.2 |
Affected:
8.4.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.4.0 |
Affected:
8.4.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.5.0 |
Affected:
8.5.0 , < 8.6.5
(custom)
|
|
| Microsoft | Azure CycleCloud 8.3.0 |
Affected:
8.3.0 , < 8.6.5
(custom)
|
Date Public
2024-11-12 08:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43602",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T16:27:36.847807Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T16:27:50.851Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.6.3",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.6.4",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.6.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.6.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.6.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.1.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.4.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.1.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.4.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.4.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.5.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.5.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.3.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.5",
"status": "affected",
"version": "8.3.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.6.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.5",
"versionStartIncluding": "8.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-11-12T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure CycleCloud Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285: Improper Authorization",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T15:41:00.654Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Azure CycleCloud Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43602"
}
],
"title": "Azure CycleCloud Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-43602",
"datePublished": "2024-11-12T17:53:37.113Z",
"dateReserved": "2024-08-14T01:08:33.550Z",
"dateUpdated": "2025-07-08T15:41:00.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43469 (GCVE-0-2024-43469)
Vulnerability from nvd – Published: 2024-09-10 16:54 – Updated: 2024-12-31 23:03
VLAI
Title
Azure CycleCloud Remote Code Execution Vulnerability
Summary
Azure CycleCloud Remote Code Execution Vulnerability
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
16 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure CycleCloud 8.2.0 |
Affected:
8.2.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.0.0 |
Affected:
8.0.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.6.0 |
Affected:
8.6.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.0.1 |
Affected:
8.0.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.0.2 |
Affected:
8.0.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.1.0 |
Affected:
8.1.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.1.1 |
Affected:
8.1.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.2.2 |
Affected:
8.2.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.2.1 |
Affected:
8.2.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.3.0 |
Affected:
8.3.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.4.0 |
Affected:
8.4.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.4.1 |
Affected:
8.4.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.4.2 |
Affected:
8.4.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud 8.5.0 |
Affected:
8.5.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud |
Affected:
8.6.0 , < 8.6.4
(custom)
|
|
| Microsoft | Azure CycleCloud |
Affected:
8.6.3 , < 8.6.4
(custom)
|
Date Public
2024-09-10 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43469",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T18:32:10.339265Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T18:33:54.472Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.6.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.6.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.1.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.1.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.3.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.3.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.4.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.4.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.4.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.5.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.5.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.6.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.4",
"status": "affected",
"version": "8.6.3",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.4",
"versionStartIncluding": "8.6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-09-10T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure CycleCloud Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-31T23:03:20.890Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Azure CycleCloud Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43469"
}
],
"title": "Azure CycleCloud Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-43469",
"datePublished": "2024-09-10T16:54:15.755Z",
"dateReserved": "2024-08-14T01:08:33.517Z",
"dateUpdated": "2024-12-31T23:03:20.890Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38195 (GCVE-0-2024-38195)
Vulnerability from nvd – Published: 2024-08-13 17:30 – Updated: 2025-07-10 16:33
VLAI
Title
Azure CycleCloud Remote Code Execution Vulnerability
Summary
Azure CycleCloud Remote Code Execution Vulnerability
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper Access Control
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
15 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure CycleCloud 8.2.0 |
Affected:
8.2.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.0.0 |
Affected:
8.0.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.6.0 |
Affected:
8.6.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.0.1 |
Affected:
8.0.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.0.2 |
Affected:
8.0.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.1.0 |
Affected:
8.1.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.1.1 |
Affected:
8.1.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.2.2 |
Affected:
8.2.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.2.1 |
Affected:
8.2.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.3.0 |
Affected:
8.3.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.4.0 |
Affected:
8.4.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.4.1 |
Affected:
8.4.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.4.2 |
Affected:
8.4.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud 8.5.0 |
Affected:
8.5.0 , < 8.6.3
(custom)
|
|
| Microsoft | Azure CycleCloud |
Affected:
8.6.0 , < 8.6.3
(custom)
|
Date Public
2024-08-13 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38195",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-15T15:01:54.358271Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T15:02:06.972Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.6.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.6.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.1.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.1.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.3.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.3.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.4.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.4.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.4.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.5.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.5.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.3",
"status": "affected",
"version": "8.6.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.3",
"versionStartIncluding": "8.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-08-13T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure CycleCloud Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-10T16:33:45.281Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Azure CycleCloud Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38195"
}
],
"title": "Azure CycleCloud Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-38195",
"datePublished": "2024-08-13T17:30:32.378Z",
"dateReserved": "2024-06-11T22:36:08.217Z",
"dateUpdated": "2025-07-10T16:33:45.281Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38092 (GCVE-0-2024-38092)
Vulnerability from nvd – Published: 2024-07-09 17:03 – Updated: 2025-12-09 23:47
VLAI
Title
Azure CycleCloud Elevation of Privilege Vulnerability
Summary
Azure CycleCloud Elevation of Privilege Vulnerability
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-693 - Protection Mechanism Failure
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
26 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure CycleCloud 7.9.10 |
Affected:
7.9.10 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.2.0 |
Affected:
8.2.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.0.0 |
Affected:
8.0.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.6.0 |
Affected:
8.6.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 7.9.0 |
Affected:
7.9.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 7.9.3 |
Affected:
7.9.3 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 7.9.1 |
Affected:
7.9.1 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 7.9.9 |
Affected:
7.9.9 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 7.9.8 |
Affected:
7.8.9 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 7.9.11 |
Affected:
7.9.11 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.0.1 |
Affected:
8.0.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 7.9.2 |
Affected:
7.9.2 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 7.9.6 |
Affected:
7.9.6 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 7.9.4 |
Affected:
7.9.4 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 7.9.10 |
Affected:
7.9.5 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 7.9.7 |
Affected:
7.9.7 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.0.2 |
Affected:
8.0.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.1.1 |
Affected:
8.1.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.2.1 |
Affected:
8.2.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.1.0 |
Affected:
8.1.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.2.2 |
Affected:
8.2.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.3.0 |
Affected:
8.3.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.4.1 |
Affected:
8.4.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.4.0 |
Affected:
8.4.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.4.2 |
Affected:
8.4.0 , < 8.6.2
(custom)
|
|
| Microsoft | Azure CycleCloud 8.5.0 |
Affected:
8.5.0 , < 8.6.2
(custom)
|
Date Public
2024-07-09 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38092",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-09T19:07:36.383317Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T19:07:51.586Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:04:25.259Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Azure CycleCloud Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38092"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.10",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "7.9.10",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.6.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.6.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "7.9.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.3",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "7.9.3",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "7.9.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.9",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "7.9.9",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.8",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "7.8.9",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.11",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "7.9.11",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "7.9.2",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.6",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "7.9.6",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.4",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "7.9.4",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.10",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "7.9.5",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.7",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "7.9.7",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.1.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.1.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.1.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.2.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.3.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.3.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.4.1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.4.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.4.2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.4.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.5.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.2",
"status": "affected",
"version": "8.5.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "7.9.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "7.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "7.9.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "7.9.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "7.9.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "7.8.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "7.9.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "7.9.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "7.9.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "7.9.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "7.9.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "7.9.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.2",
"versionStartIncluding": "8.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-07-09T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure CycleCloud Elevation of Privilege Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "CWE-693: Protection Mechanism Failure",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T23:47:43.690Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Azure CycleCloud Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38092"
}
],
"title": "Azure CycleCloud Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-38092",
"datePublished": "2024-07-09T17:03:23.658Z",
"dateReserved": "2024-06-11T22:36:08.183Z",
"dateUpdated": "2025-12-09T23:47:43.690Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-29993 (GCVE-0-2024-29993)
Vulnerability from nvd – Published: 2024-04-09 17:01 – Updated: 2025-05-03 00:40
VLAI
Title
Azure CycleCloud Elevation of Privilege Vulnerability
Summary
Azure CycleCloud Elevation of Privilege Vulnerability
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper Access Control
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure CycleCloud 8.6.0 |
Affected:
8.6.0 , < 8.6.1
(custom)
|
Date Public
2024-04-09 07:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29993",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-10T19:41:59.058903Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:22:40.173Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:25:00.504Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Azure CycleCloud Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29993"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.6.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.6.1",
"status": "affected",
"version": "8.6.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.6.1",
"versionStartIncluding": "8.6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-04-09T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure CycleCloud Elevation of Privilege Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-03T00:40:30.506Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Azure CycleCloud Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29993"
}
],
"title": "Azure CycleCloud Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-29993",
"datePublished": "2024-04-09T17:01:28.700Z",
"dateReserved": "2024-03-22T23:12:11.047Z",
"dateUpdated": "2025-05-03T00:40:30.506Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-41085 (GCVE-0-2022-41085)
Vulnerability from nvd – Published: 2022-11-09 00:00 – Updated: 2025-01-02 21:31
VLAI
Title
Azure CycleCloud Elevation of Privilege Vulnerability
Summary
Azure CycleCloud Elevation of Privilege Vulnerability
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Elevation of Privilege
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure CycleCloud 8.0.0 |
Affected:
8.0.0 , < 8.3.0
(custom)
|
|
| Microsoft | Azure CycleCloud 7 |
Affected:
7.0 , < 7.9.11
(custom)
|
Date Public
2022-11-08 08:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:35:49.510Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Azure CycleCloud Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41085"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-41085",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-10T16:59:19.552399Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-10T16:59:55.625Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.0.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.3.0",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "7.9.11",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.3.0",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:azure_cyclecloud:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.9.11",
"versionStartIncluding": "7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2022-11-08T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure CycleCloud Elevation of Privilege Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-02T21:31:21.815Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Azure CycleCloud Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41085"
}
],
"title": "Azure CycleCloud Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2022-41085",
"datePublished": "2022-11-09T00:00:00.000Z",
"dateReserved": "2022-09-19T00:00:00.000Z",
"dateUpdated": "2025-01-02T21:31:21.815Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-36943 (GCVE-0-2021-36943)
Vulnerability from nvd – Published: 2021-08-12 18:12 – Updated: 2024-08-04 01:09
VLAI
Title
Azure CycleCloud Elevation of Privilege Vulnerability
Summary
Azure CycleCloud Elevation of Privilege Vulnerability
Severity
CWE
- Elevation of Privilege
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure CycleCloud 8.2.0 |
Affected:
8.0.0 , < 8.2.0
(custom)
cpe:2.3:a:microsoft:azure_cyclecloud:8.2.0:*:*:*:*:*:*:* |
Date Public
2021-08-10 07:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:09:07.320Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36943"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:azure_cyclecloud:8.2.0:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.2.0",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-08-10T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure CycleCloud Elevation of Privilege Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-28T19:54:12.291Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36943"
}
],
"title": "Azure CycleCloud Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-36943",
"datePublished": "2021-08-12T18:12:30.000Z",
"dateReserved": "2021-07-19T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:09:07.320Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-33762 (GCVE-0-2021-33762)
Vulnerability from nvd – Published: 2021-08-12 18:11 – Updated: 2024-08-03 23:58
VLAI
Title
Azure CycleCloud Elevation of Privilege Vulnerability
Summary
Azure CycleCloud Elevation of Privilege Vulnerability
Severity
CWE
- Elevation of Privilege
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://portal.msrc.microsoft.com/en-US/security-… | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure CycleCloud 7.9.10 |
Affected:
7.0.0 , < 7.9.19
(custom)
cpe:2.3:a:microsoft:azure_cyclecloud:7.9.10:*:*:*:*:*:*:* |
|
| Microsoft | Azure CycleCloud 8.2.0 |
Affected:
8.0.0 , < 8.2.0
(custom)
cpe:2.3:a:microsoft:azure_cyclecloud:8.2.0:*:*:*:*:*:*:* |
Date Public
2021-08-10 07:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:58:22.977Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33762"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:azure_cyclecloud:7.9.10:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 7.9.10",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "7.9.19",
"status": "affected",
"version": "7.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:azure_cyclecloud:8.2.0:*:*:*:*:*:*:*"
],
"platforms": [
"Unknown"
],
"product": "Azure CycleCloud 8.2.0",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "8.2.0",
"status": "affected",
"version": "8.0.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-08-10T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Azure CycleCloud Elevation of Privilege Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-28T19:53:49.487Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33762"
}
],
"title": "Azure CycleCloud Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-33762",
"datePublished": "2021-08-12T18:11:47.000Z",
"dateReserved": "2021-05-28T00:00:00.000Z",
"dateUpdated": "2024-08-03T23:58:22.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}