CVE-2024-38092

Summary

Azure CycleCloud Elevation of Privilege Vulnerability

Affected Software

VendorProductVersion RangeStatus
MicrosoftAzure CycleCloud 7.9.107.9.10 < 8.6.2affected
MicrosoftAzure CycleCloud 8.2.08.2.0 < 8.6.2affected
MicrosoftAzure CycleCloud 8.0.08.0.0 < 8.6.2affected
MicrosoftAzure CycleCloud 8.6.08.6.0 < 8.6.2affected
MicrosoftAzure CycleCloud 7.9.07.9.0 < 8.6.2affected
MicrosoftAzure CycleCloud 7.9.37.9.3 < 8.6.2affected
MicrosoftAzure CycleCloud 7.9.17.9.1 < 8.6.2affected
MicrosoftAzure CycleCloud 7.9.97.9.9 < 8.6.2affected
MicrosoftAzure CycleCloud 7.9.87.8.9 < 8.6.2affected
MicrosoftAzure CycleCloud 7.9.117.9.11 < 8.6.2affected
MicrosoftAzure CycleCloud 8.0.18.0.0 < 8.6.2affected
MicrosoftAzure CycleCloud 7.9.27.9.2 < 8.6.2affected
MicrosoftAzure CycleCloud 7.9.67.9.6 < 8.6.2affected
MicrosoftAzure CycleCloud 7.9.47.9.4 < 8.6.2affected
MicrosoftAzure CycleCloud 7.9.107.9.5 < 8.6.2affected
MicrosoftAzure CycleCloud 7.9.77.9.7 < 8.6.2affected
MicrosoftAzure CycleCloud 8.0.28.0.0 < 8.6.2affected
MicrosoftAzure CycleCloud 8.1.18.1.0 < 8.6.2affected
MicrosoftAzure CycleCloud 8.2.18.2.0 < 8.6.2affected
MicrosoftAzure CycleCloud 8.1.08.1.0 < 8.6.2affected
MicrosoftAzure CycleCloud 8.2.28.2.0 < 8.6.2affected
MicrosoftAzure CycleCloud 8.3.08.3.0 < 8.6.2affected
MicrosoftAzure CycleCloud 8.4.18.4.0 < 8.6.2affected
MicrosoftAzure CycleCloud 8.4.08.4.0 < 8.6.2affected
MicrosoftAzure CycleCloud 8.4.28.4.0 < 8.6.2affected
MicrosoftAzure CycleCloud 8.5.08.5.0 < 8.6.2affected

Weaknesses

  • CWE-693: CWE-693: Protection Mechanism Failure

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References