CVE-2020-17002

Summary

Azure SDK for C Security Feature Bypass Vulnerability

Affected Software

VendorProductVersion RangeStatus
Microsoftazure-c-shared-utility0 < publicationaffected
MicrosoftAzure-c-shared-utility Release LTS_02_2020_Ref020 < publicationaffected
MicrosoftAzure-c-shared-utility Release LTS_07_2020_Ref020 < publicationaffected
Microsoftazure-uamqp-c1.0.0 < publicationaffected
Microsoftazure-uamqp-c Release LTS_02_2020_Ref020 < publicationaffected
Microsoftazure-uamqp-c Release LTS_07_2020_Ref020 < publicationaffected
Microsoftazure-uhttp-c0 < publicationaffected
Microsoftazure-uhttp-c Release LTS_02_2020_Ref020 < publicationaffected
Microsoftazure-uhttp-c Release LTS_07_2020_Ref020 < publicationaffected
Microsoftazure-umqtt-c0 < publicationaffected
Microsoftazure-umqtt-c Release LTS_02_2020_Ref020 < publicationaffected
Microsoftazure-umqtt-c Release LTS_07_2020_Ref020 < publicationaffected
Microsoftazure-utpm-c0 < publicationaffected
Microsoftazure-utpm-c Release LTS_02_2020_Ref020 < publicationaffected
Microsoftazure-utpm-c Release LTS_07_2020_Ref020 < publicationaffected
MicrosoftC SDK for Azure IoT0 < publicationaffected
MicrosoftC SDK for Azure IoT Release LTS_02_2020_Ref020 < publicationaffected
MicrosoftC SDK for Azure IoT Release LTS_07_2020_Ref020 < publicationaffected

Weaknesses

  • Elevation of Privilege

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References