Rewterz Threat Advisory – Multiple Microsoft Azure Vulnerabilities

Severity

High

Analysis Summary

CVE-2023-38155 CVSS: 7.0

Microsoft Azure DevOps Server and Team Foundation Server could allow a local authenticated attacker to gain elevated privileges on the system. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2023-29332 CVSS: 7.5

Microsoft Azure Kubernetes Service could allow a remote attacker to gain elevated privileges on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2023-38156 CVSS: 7.2

Microsoft Azure HDInsight could allow a remote authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Apache Ambari component. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to obtain domain administrator privileges.

CVE-2023-33136 CVSS: 8.8

Microsoft Azure DevOps Server could allow a remote authenticated attacker to execute arbitrary code on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Impact

• Privilege Escalation
• Code Execution

Indicators Of Compromise

CVE

• CVE-2023-38155
• CVE-2023-29332
• CVE-2023-38156
• CVE-2023-33136

Affected Vendors

Microsoft

Affected Products

• Microsoft Azure DevOps Server 2022
• Microsoft Azure Kubernetes Service
• Microsoft Azure HDInsights
• Microsoft Azure DevOps Server
• Microsoft Azure DevOps

Remediation

Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.

CVE-2023-38155

CVE-2023-29332

CVE-2023-38156

CVE-2023-33136