ID
VAR-202302-1454
CVE
CVE-2023-21777
TITLE
Azure Stack Hub Elevated Privileges in
Trust: 0.8
sources:
JVNDB: JVNDB-2023-001259
DESCRIPTION
Azure App Service on Azure Stack Hub Elevation of Privilege Vulnerability
Trust: 1.71
sources:
NVD: CVE-2023-21777 //
JVNDB: JVNDB-2023-001259 //
VULMON: CVE-2023-21777
IOT TAXONOMY
| category: | ['network device'] | sub_category: | hub | Trust: 0.1 |
sources:
OTHER: None
AFFECTED PRODUCTS
| vendor: | microsoft | model: | azure app service on azure stack | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | マイクロソフト | model: | azure stack hub | scope: | eq | version: | - | Trust: 0.8 |
| vendor: | マイクロソフト | model: | azure stack hub | scope: | eq | version: | azure app service on | Trust: 0.8 |
sources:
JVNDB: JVNDB-2023-001259 //
NVD: CVE-2023-21777
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
JVNDB: JVNDB-2023-001259 //
CNNVD: CNNVD-202302-1113 //
NVD: CVE-2023-21777 //
NVD: CVE-2023-21777
PROBLEMTYPE DATA
| problemtype: | CWE-284 | Trust: 1.0 |
| problemtype: | CWE-269 | Trust: 1.0 |
| problemtype: | Improper authority management (CWE-269) [NVD evaluation ] | Trust: 0.8 |
sources:
JVNDB: JVNDB-2023-001259 //
NVD: CVE-2023-21777
THREAT TYPE
local
Trust: 0.6
sources:
CNNVD: CNNVD-202302-1113
TYPE
other
Trust: 0.6
sources:
CNNVD: CNNVD-202302-1113
PATCH
| title: | Azure App Service on Azure Stack Hub Elevation of Privilege Vulnerability Security Update Guide | url: | https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21777 | Trust: 0.8 |
| title: | Microsoft Azure App Service Security vulnerabilities | url: | http://123.124.177.30/web/xxk/bdxqById.tag?id=225161 | Trust: 0.6 |
sources:
JVNDB: JVNDB-2023-001259 //
CNNVD: CNNVD-202302-1113
EXTERNAL IDS
| db: | NVD | id: | CVE-2023-21777 | Trust: 3.4 |
| db: | JVNDB | id: | JVNDB-2023-001259 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-202302-1113 | Trust: 0.6 |
| db: | OTHER | id: | NONE | Trust: 0.1 |
| db: | VULMON | id: | CVE-2023-21777 | Trust: 0.1 |
sources:
OTHER: None //
VULMON: CVE-2023-21777 //
JVNDB: JVNDB-2023-001259 //
CNNVD: CNNVD-202302-1113 //
NVD: CVE-2023-21777
REFERENCES
| url: | https://msrc.microsoft.com/update-guide/vulnerability/cve-2023-21777 | Trust: 2.3 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2023-21777 | Trust: 0.8 |
| url: | https://www.ipa.go.jp/security/ciadr/vul/20230215-ms.html | Trust: 0.8 |
| url: | https://www.jpcert.or.jp/at/2023/at230004.html | Trust: 0.8 |
| url: | https://cxsecurity.com/cveshow/cve-2023-21777/ | Trust: 0.6 |
| url: | https://ieeexplore.ieee.org/abstract/document/10769424 | Trust: 0.1 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
sources:
OTHER: None //
VULMON: CVE-2023-21777 //
JVNDB: JVNDB-2023-001259 //
CNNVD: CNNVD-202302-1113 //
NVD: CVE-2023-21777
CREDITS
Ruslan Sayfiev,Denis Faiustov
Trust: 0.6
sources:
CNNVD: CNNVD-202302-1113
SOURCES
| db: | OTHER | id: | - |
| db: | VULMON | id: | CVE-2023-21777 |
| db: | JVNDB | id: | JVNDB-2023-001259 |
| db: | CNNVD | id: | CNNVD-202302-1113 |
| db: | NVD | id: | CVE-2023-21777 |
LAST UPDATE DATE
2025-01-30T21:54:05.618000+00:00
SOURCES UPDATE DATE
| db: | VULMON | id: | CVE-2023-21777 | date: | 2023-02-14T00:00:00 |
| db: | JVNDB | id: | JVNDB-2023-001259 | date: | 2023-03-01T05:36:00 |
| db: | CNNVD | id: | CNNVD-202302-1113 | date: | 2023-02-24T00:00:00 |
| db: | NVD | id: | CVE-2023-21777 | date: | 2024-05-29T02:15:16.480 |
SOURCES RELEASE DATE
| db: | VULMON | id: | CVE-2023-21777 | date: | 2023-02-14T00:00:00 |
| db: | JVNDB | id: | JVNDB-2023-001259 | date: | 2023-03-01T00:00:00 |
| db: | CNNVD | id: | CNNVD-202302-1113 | date: | 2023-02-14T00:00:00 |
| db: | NVD | id: | CVE-2023-21777 | date: | 2023-02-14T20:15:14.860 |